Sure… that’s fine… you do you.
But if OP was asking my advice, I would strongly advise against it. Here’s why. The premise here is that TOR users want two things. Anonymity of self (hide who’s doing stuff). And anonymity of action (hide what is being done). TOR on your standard Comcast / AT&T connection will hide WHAT is being done, but not WHO is doing it. AT&T / Comcast will, possibly know, that some TORish thing was done by someone at a specific IP at a specific time.
OK, so now alternatives are something like a gas station WiFi, or a VPN. The gas station, or their ISP, may know that something TORish was done, but they will need CCTV to guess who was in range to do that TORish thing. And you could do even better with other hotspots with less surveillance.
The VPN on the otherhand know that holder-of-account-XYZ did something TORish at a specific time. So your argument is that your ability to obscure payment processing through pre-paid credit cards or Monero, is better than someone’s ability to dodge a CCTV camera. Maybe… Maybe not. I think most of the time people screw up anonymizing payment processing. Even when they think they are doing it right.
You do you… But I’ll keep to my opsec.
That’s a great point! My post was written specifically about the traffic sent through Tor - I completely agree that a VPN can be beneficial for non-Tor traffic, including UDP traffic, but I wrote the post to answer questions on “does adding a VPN to Tor protect my connections more” or “how do I hide my IP from the entry guard” or “how do I hide that I’m using Tor from my ISP”
I never said, “more”. A malicious node can log and so can a VPN or ISP. More logs equal higher chance of…
That was pretty stupid for a Harvard student. I read the story about FB hiring a cybersecurity firm to find an exploit in Tails to bust a guy that was sending out death threats to women. Tails is pretty safe and uses the onion network yet they were able to find out his actual IP. So clearly they do have the capability to find ppl. It’s pretty wild to me.
But that only happened because they had the investigative guess of looking into the logs of Harvard’s ISP, I believe. And considering the threat he sent was to Harvard itself, it wasn’t a difficult conclusion to reach anyway.
But still, there is no way they could affirmatively trace the bomb threat from Tor to the Harvard LAN, is there?
then my ISP will be able to see all of my non-Tor traffic.
Even if you don’t “forget” and do deliberate traffic, there are apps (e.g. email, messenger, chat) and services (e.g. time, updaters) in your system that will do normal traffic at any time. You want that traffic protected by the VPN.
Are you using Tor Browser in this case?
If you have the option to bypass Tor Browser with split tunnel feature in VPN.
The consensus is wrong. Tor over VPN is fine, VPN doesn’t help or hurt the Tor traffic, VPN protects the non-Tor traffic of your system.
Thank Goodness someone agrees.
So your argument is that your ability to obscure payment processing through pre-paid credit cards or Monero, is better than someone’s ability to dodge a CCTV camera.
No, my argument is that the non-Tor traffic of your system could use some protection via a VPN. VPN doesn’t help or hurt the Tor traffic.
Anything from apps other than Tor Browser. Updaters, OS services, email client checking email, any other app you use while TB is running too.
“does adding a VPN to Tor protect my connections more”
I would say yes, it protects the non-Tor parts of your traffic more. You can’t just look at Tor or Tor browser in isolation, you have to take a system view.
Instead people end up saying “if you’re using Tor, don’t use a VPN”, which is a bad answer.
But the ISP definitely knows your home address, and probably your name and phone number and more. It’s easy to sign up for a VPN without giving any of that info. And a Tor node knows even less about you. Hiding info from the ISP is a win.
Honest question, why do you care what your ISP sees on ‘Non-Tor’ Traffic?What’s the real benefit here?
The consensus is right. This is coming from official documentation from Tor Project itself, VPN can be used against you and shouldn’t be used on Tor.
ISP probably is one of the biggest threats to my privacy. They know my name, home address, probably phone number, probably paid from bank so they know my bank info, maybe see what TV channels I’m watching, etc. I don’t want to also let them see what domains I’m accessing. Much/most of my traffic is not done through Tor browser.
Nonsense, just an appeal to authority, and a wrong one too:
Can I use a VPN with Tor? | Tor Project | Support says:
Generally speaking, we don’t recommend using a VPN with Tor unless you’re an advanced user who knows how to configure both in a way that doesn’t compromise your privacy.
and TorPlusVPN · Wiki · Legacy / Trac · GitLab says:
You can very well decrease your anonymity by using VPN/SSH in addition to Tor. (Proxies are covered in an extra chapter below.) If you know what you are doing you can increase anonymity, security and privacy.
But all you really need to know is that “VPN over Tor” configuration generally is bad, if using VPN company’s client, because then VPN company will see traffic before and after Tor routing, destroying any benefit of the Tor routing. And “VPN over Tor” is kind of hard to achieve; it’s easy to do “Tor over VPN”.
They also sell your browsing information
Makes a lot of sense I suppose your phone company does too, privacy is difficult when the entity you are trying to be private from is the person providing the network to use.
I use proton when not torrenting. Mostly I don’t care so much having worked for an ISP I feel they are fairly incompetent in general.