i use nordvpn, and they offer onion over vpn. im somewhat confused as to the benefit of this. based on this graphic they posted on their site…
I think their own graphics is wrong you cannot have a non encrypted connection to the Tor network.
First line should say encrypted with VPN and Tor and the line going from the VPN server to the Tor node should say encrypted with Tor
I feel naked using Tor without a good VPN.
there’s no benefit. they offer it because people will buy it. but it actually makes tor less safe. just use plain tor
I want mention - there is even disadvantage, because you can live in country where is Tor “not accepted”
Should we use TOR over VPN always?
To me, the benefit is: you leave the VPN on all the time. If you get in the habit of turning it off when you do TOR, at some point you will forget to turn VPN back on when you stop TOR and go back to normal browser.
Also, what else is happening while you’re running TOR with VPN off ? Background processes are looking for updates from the internet, without VPN.
If someone knows for a fact that this setup is less secure than the traditional set up, provide evidence for your claims. Just saying “look the line is red there so it’s ‘not encrypted by Tor’ so it isn’t safe”, is not an argument since maybe TLS is not mentioned here. TLS will provide you the end-to-end encryption, without the anonymity. When you mix both together, you have both anonymity and confidentiality.
There is no encryption between you without vpn and the TOR servers either…
Yeah, you’re right. Btw, if I’m not mistaken this screenshot is very old, and you definitely can’t find this on their site anymore.
there’s no benefit.
The benefit is convenience. It does make your Tor session less safe than full-blown Tor, but if you don’t need the protection of Tor but still want to access .onion sites in a secure manner, it’s really handy. I use it occasionally.
To me, the benefit is: you leave the VPN on all the time. If you get in the habit of turning it off when you do TOR, at some point you will forget to turn VPN back on when you stop TOR and go back to normal browser.
Why is that a problem?
With this setup you are sacrificing all of the privacy and security properties of the Tor browser for hiding the fact that you are using Tor from your ISP.
Also, what else is happening while you’re running TOR with VPN off ? Background processes are looking for updates from the internet, without VPN.
Why is that a problem?
One thing these VPN Tor setups don’t do is change your exit node every 10 minutes. I don’t believe they change your relay nodes either.
They’re not nearly as safe as the regular Tor browser, but they are definitely useful.
Wrong, when you connect to the Tor network your connection is encrypted with three layers (more laters when c accessing onion services) of encryption and each node in the circuit peels one layer off, that’s why it is called onion routing because it has layers like the onion bulb.
forget to turn VPN back on … Why is that a problem?
Because I want the VPN to protect my normal browsing.
you are sacrificing all of the privacy and security properties of the Tor browser
Not true. All your VPN sees is that you are using Tor. You still have the multi-hop nature of the Tor system, with traffic getting decrypted only at the exit node.
Background processes are looking for updates from the internet, without VPN. … Why is that a problem?
Because I want my VPN to hide my traffic from my ISP, and my IP address from the outside world.
Are you saying there is no way to configure your Tor VPN setup to do both those things? Could you share a link that says this information?
EDIT: And actually it’s bad to rotate [guard] nodes too often. It introduces more risks of falling on a malicious one. The Tor browser actually changed its old rotation logic, what you are describing is outdated.
EDIT 2: Fixed “exit” to “guard”. But it might still be true for exit nodes as well.
Also all links use TLS. You → relay uses TLS, and all relay → relay links use TLS.
Your ISP will still know you connected to a TOR node…
Then why turn it off for tor, your more likely to get your IP exposed on a bare TOR browser than having a VPN at the same time. You wouldn’t wash your hands but not use soap, you want to be safe and use both
Not true. All your VPN sees is that you are using Tor. You still have the multi-hop nature of the Tor system, with traffic getting decrypted only at the exit node.
Tor browser makes every user look the same to prevent tracking by fingerprinting, it isolates cookies and other identifiers per website and routes connection to each website you are browsing through a different Tor circuit to prevent tracking across websites.
With this setup you have none of this, you are using a regular browser which has a unique fingerprint, everything is pushed through the same Tor circuit, there is no isolation of cookies, you can be uniquely identified and tracked across websites.
