People who recommend NOT connecting to a VPN before connecting to Tor: why?
#Tor #VPN #privacy #privacyMatters #infosec
⇧
People who recommend NOT connecting to a VPN before connecting to Tor: why?
#Tor #VPN #privacy #privacyMatters #infosec
Day Use X Mockin' Uh
Unknown parent • • •@pockets
I don't think there's really any correction to be made there; that makes sense, and ironically, it kind of highlights a common misunderstanding about what a VPN is actually doing in this context.
You hear a lot of people refer to a VPN in front of Tor as a "fourth hop," which is incorrect. Your VPN, with one exception that I know of (which I'll explain below) is never creating any layer of encryption used by your Tor circuit, which is what would be necessary in order for it to literally act as another hop in that regard.
What your VPN connection is actually doing in that case, is exactly what a VPN is designed to do in any case, which is in effect to take the place of your ISP and do what they would be doing otherwise. This is the main reason I always use a VPN. Sadly, it is true that the majority of them are shady, but not all of them are, and your ISP is 100% guaranteed to log everything at all times no matter what, and they won't even lie about that. Just as
... show more@pockets
I don't think there's really any correction to be made there; that makes sense, and ironically, it kind of highlights a common misunderstanding about what a VPN is actually doing in this context.
You hear a lot of people refer to a VPN in front of Tor as a "fourth hop," which is incorrect. Your VPN, with one exception that I know of (which I'll explain below) is never creating any layer of encryption used by your Tor circuit, which is what would be necessary in order for it to literally act as another hop in that regard.
What your VPN connection is actually doing in that case, is exactly what a VPN is designed to do in any case, which is in effect to take the place of your ISP and do what they would be doing otherwise. This is the main reason I always use a VPN. Sadly, it is true that the majority of them are shady, but not all of them are, and your ISP is 100% guaranteed to log everything at all times no matter what, and they won't even lie about that. Just ask them; they'll tell you. This is not only a concern if you're doing something illegal: all of the information your ISP has about you is available legally to anyone who wants it as long as the price is right. Cops and lawyers are the only potential adversaries, of any threat model no matter how absurd, who require a subpoena even in theory; anyone else simply requires money.
Now, the exception I mentioned above is that some VPN companies offer specific, designated Tor servers, that act as both your VPN server and as your entry node for Tor. If only on principle, I don't trust those things because I refuse to, personally. Regardless: if, for argument's sake, you were to connect your VPN to one of those servers, and then connect to Tor again—it would be functionally worthless, first off—and you would also be doing what is referred to as Tor-over-Tor, which is exactly what the name would suggest, and is highly advised against by people who are either more or less paranoid than I am, and me.
Unus Nemo
in reply to Day Use X Mockin' Uh • •@Chris Wolff @pockets
There is no reason to connect a Tor Connection through a VPN. It just adds more latency for no benefit. If you really do not want your ISP to know you are using Tor for some reason then just use a Tor Bridge.
If you are a investigative reporter, under the control of an oppressive government, etc then juts using Tor from an insecure OS (or secure) is not good enough. You should be using Tails, Whonix, or Qubes as well. All the for mentioned OSes do a good job of explaining why you might want to use them in their documentation.
Check your laws in your demographic. VPN are required to log a certain number of things by law just like an ISP, which is not true of Tor. If you have a reason to care then you should take this into consideration. I personally have no reason to care.
When I am shopping and telemetry benefits
... show more@Chris Wolff @pockets
There is no reason to connect a Tor Connection through a VPN. It just adds more latency for no benefit. If you really do not want your ISP to know you are using Tor for some reason then just use a Tor Bridge.
If you are a investigative reporter, under the control of an oppressive government, etc then juts using Tor from an insecure OS (or secure) is not good enough. You should be using Tails, Whonix, or Qubes as well. All the for mentioned OSes do a good job of explaining why you might want to use them in their documentation.
Check your laws in your demographic. VPN are required to log a certain number of things by law just like an ISP, which is not true of Tor. If you have a reason to care then you should take this into consideration. I personally have no reason to care.
When I am shopping and telemetry benefits me I use a standard browser. When I do not want the telemetry I use Tor. I have no reason to waste precious resources on a VPN.
Tor does not use DNS so this does not apply to that service. Though if you would like to speed up your internet connection and limit some of the information your ISP or VPN can collect then setup BIND9 (named) and do your own DNS. Though if you have a laptop or mobile devices do not forget to change their DNS servers to dynamic when you leave home.