Is using a VPN with TOR a bad idea?

I was wondering if using a VPN service with TOR could be a detriment to security in anyway? I was thinking that using a VPN could be a good way to hind the fact that any connection to the TOR network was ever made from the ISP. I am aware that TOR encrypts the data being sent over the network so the ISP already has no idea what’s being accessed, but I was thinking that a VPN could make things slightly even more secure seeing that they would see where the VPN connected opposed to TOR. I know this is really relying on the VPN truly being logless and trusted, seeing that the VPN provider could easily have records of all the connections made to TOR, so this may only really be adding a slight extra step to someone trying to find out if any TOR connections where made. From what I can see this dosn’t seem like it would take away from the security TOR offers and could even add better security or at least make things slightly harder, but I’m not really sure. My big concern is that the VPN provider could some how see the unencrypted TOR data, but I have no idea if that could be possible.

Also, for extra clarity, I live in a country that doesn’t try to block or normally even monitor TOR traffic, and my VPN provider claims to be logless and doesn’t require personal information during signup and was paid for using Monero (a crypto currency).

Do not use a VPN as an anonymity solution. You can very well decrease your anonymity by using VPN in addition to Tor. “Using a VPN with Tor is not the obvious security gain that people make it out to be. Users may not lose any safety by adding a VPN, but they certainly aren’t gaining any.” — Matt Traudt.

Commercial VPNs are in business for one reason: financial profit—profits come first.

In contrast, the Tor Project is a non-profit 501(c)(3) organization within the meaning of the Internal Revenue Code, working to fulfill its ongoing mission of developing, improving, and publicly distributing free software and services, including Tor Browser, core tor, and more. See: Onion Routing and Onion Routing Brief Selected History.

Supposedly Non-Existent VPN Logs Help FBI Catch Internet Stalker.

VPNs are Lying About Logs.

Don’t use VPN services.

Not an expert at all. This question is asked a lot.
r/tor wiki has good info.
Tor does NOT encrypt data.
Tor provided anonymity but not privacy.
Exit nodes can see and log your traffic and destination if they wish.
I recall that using a VPN is not recommended with Tor by the EFF because of the need to trust the vpn and because their logs may allow traffic correlation. Using a vpn will avoid your ISP knowing that you are using Tor.

It’s importantly to add here that Tor isn’t designed to hide you are using Tor from an active adversary. Bridges let you “hide” that you are using Tor from a censorship box (for example government run firewalls) however if someone is manually analyzing your traffic they’ll figure out you are using Tor and could take steps to make using it harder and just record you are using Tor at a certain time and date.

I use a bridge (run on a VPS at a low profile data-center in some other country - that’s all we’ll say here) since my university blocks direct access to Tor. They probably know I’m using Tor if they look at my traffic but don’t have an easy way to identify which traffic is my bridge traffic in order to block it. I can easily order more IPv4s and generate new bridge keys so it’d be playing wack-a-mole.

Again it depends on threat models. I don’t want my university to have a log of every website I visit. That said I can’t stop them from knowing when I use the network nor can I hide the fact I use Tor if they specifically choose to target me or Tor/VPN users.

How is it that this question is asked once a day? No do not use a VPN, stick to tor

Only if you are using a bad VPN that keeps logs and etc.

Definitely you can use both.

As far as a VPN, do your research. Absolutely pay for it and ensure the company hasn’t been caught logging and giving your info to law enforcement.

Is driving with windshield wipers on a good idea? Sure - when it’s raining. Will it hurt to run windshield wipers when it’s not raining? No, but it still pretty fucking stupid. Same analogy for your question about VPN with Tor.

I use it extra layer of protection. Look on deepdotweb they recommend you do it. It keeps your ISP from knowing every time you use to You could also use a bridge for that.

No, it’s just pointless

Thanks for the reply and links! Having sources to look over is very much beneficial. From what I’ve read, it looks like the use of a VPN doesn’t really contribute much in terms of protecting you from others seeing the use of the TOR network, and may even be pretty dangerous.

You’re right of course - just to clarify though, and I realise you know this, Tor only does NOT encrypt data once it’s passed through the tor network to an outside resource. Once it re-enters Tor it’s obviously encrypted again back to the users browser.

Tor does not encrypt data that will be handed to your endpoint - it DOES encrypt data travelling between those two states.
HTTPS and similar is encrypted from your client (browser) to the receiving server, Tor doesn’t change that.

Just to not give anyone the impression that there is no encryption involved.

Tor does NOT encrypt data. Tor provided anonymity but not privacy. Exit nodes can see and log your traffic and destination if they wish.

That’s exactly what Tor does - encrypts data to exit node. “Privacy” is not something Tor or any program can provide, anymore than antivirus programs provide “security”. Of course the exit node can inspect traffic which isn’t encrypted - this isn’t a Tor limitation, it’s a property of Internet routing. No VPN is going to help with the aforementioned problem - only end-to-end encryption with SSL, for example, will.

Its encrypted to the exit node when it leaves the network its not encrypted so yes tor does encrypt.

Going to add here that connecting to a VPN over Tor or vice-verssa doesn’t improve anonymity (it arguably harms it, especially in scenario one, scenario two is under debate) nor privacy. Just use the HTTPS version of the websites you connect to. The majority of websites support HTTPS so malicious Tor exits aren’t as big of an issue as they used to be.

Sidebars are hard to read? [shrug]

People thinking they’re the exception to the information in the FAQ and wanting us to validate them.

Continously running your windshield wipers will also exhaust them faster. :wink:

Having the windscreen wipers on when not needed may increase the chance of an accident though.

Same with a VPN. You’re adding an unnecessary risk