I decided to get the onion browser and I was recommended to get a vpn but then this thing called DNS Cloak was recommended and it is apparently not a VPN but acts like one or something. So what’s the difference and can I have both?
A DNS cloak doesnt offer privacy. It’s mainly a authentication method between you and your name server to prevent man in the middle attack’s (ie someone intercepting your dns request and sending you to a different server than you requested)
A DNS cloak helps ensure that your device’s DNS requests are encrypted, secure and that the DNS responses are not being spoofed.
It basically means, for example, that if you navigate to reddit.com then you can ensure you actually get directed to Reddit’s servers and your Internet Service Provider (ISP) should not be able to see that you requested reddit.com (though they can still see what computers/servers your device is communicating with by IP address).
A VPN tunnels all your internet traffic (usually including DNS requests) through a remote server typically owned/operated by the company providing the VPN service.
When using a secure VPN, your ISP can only see that you are using (or connected to) the VPN. They cannot see what domains (like reddit.com) you are requesting and they cannot see which computers/servers your device is communicating with (other than the VPN server).
However, this doesn’t mean your privacy is completely guaranteed. Basically you are now entrusting the VPN server with that information (like the websites you visit) instead of your ISP.
So what does a VPN do? Am I currently safe on Onion Browser
Can I get both or just one? Which is better
Can I get both or just one?
I think it may depend on the device and how the software is implemented. On mobile, I think DNS Cloak/Crypt apps typically rely on the mobile Operating System’s VPN interface (even though they’re not really a VPN). So, I’m guessing the OS will only allow you to have one active at a time.
Which is better?
Well I suppose it depends on what your goal is.
A DNS cloak primarily helps with preventing man-in-the middle attacks where basically a hacker hijacks your connection and pretends to be the operator of the website/server you requested. E.g. you enter reddit.com but actually get directed to some hacker’s server which is unrelated to Reddit.
This is a relatively rare exploit and the risk of it happening to you is very low although there is a non-zero risk when using an unknown/untrusted network (like a public Wi-Fi hotspot).
A VPN, on the other hand, provides more complete protection (especially with respect to privacy/anonymity). It can securely tunnel all your internet traffic through to a remote VPN server so that nobody (including a hacker or your ISP) between you and the VPN server can see what you’re doing online. However, you do have to trust that the VPN service will respect your privacy and that they won’t try to perform man-in-the-middle attacks.
The other difference is that a VPN obscures your IP address from the website/servers you access. Your IP address will appear to be one owned by the VPN service rather than your own address. A DNS Cloak/Crypt app generally won’t obscure your IP address.