The use of virtual private networks (VPNs) in conjunction with the Tor anonymity network is a hotly debated topic. While some privacy advocates like Mental Outlaw argue against using a VPN with Tor, many privacy experts believe there are legitimate reasons to use a VPN before connecting to Tor, especially for certain threat models.
What is Tor, and How Does it Work?
Tor is free (as in FOSS) software that enables anonymous web browsing by directing your internet traffic through a worldwide volunteer network of servers in order to conceal your location and usage from anyone conducting surveillance or traffic analysis. Using Tor makes it very difficult to trace internet activity back to the user by masking IP addresses and routing connections through multiple encrypted hops around the globe.
The key advantage of Tor is that it hides your location and internet usage from your internet service provider, as well as the sites you interact with. This is extremely valuable for people wanting to avoid censorship, targeted advertising, identity theft, and government/corporate surveillance.
However, using Tor does not make you fully anonymous or fully protect your privacy. There are still risks of de-anonymization through user error, malware, timing attacks, spyware, and global network adversaries.
The Case For Using a VPN Before Connecting to Tor
So should you use a VPN in conjunction with Tor or not? There are good arguments on both sides. Let's start by exploring the potential benefits of adding a VPN into the mix.
Hiding Tor Usage from Your ISP
One of the main advantages of using a VPN before connecting to Tor is that it hides the fact that you are using Tor from your ISP in the first place.
While Tor traffic itself is encrypted, the fact that you are connecting to the Tor network may raise red flags with your ISP. Unfairly or not, Tor usage is often viewed suspiciously by ISPs and authorities. Your ISP may decide to throttle your connection speed, sell data about your usage to advertisers, or turn your information over to law enforcement.
Added Plausible Deniability
Using a VPN also provides some amount of "plausible deniability" about your internet activity. If questioned, you could claim you were just using the VPN to access geo-restricted content rather than making anonymous Tor connections. This could be the difference between raising zero suspicions or some suspicions.
And importantly, running VPN and Tor together doesn't negatively impact your anonymity either. Since Tor encryption happens after the VPN tunnel, it works essentially the same regardless of whether a VPN is used or not.
Extra Protection Against Advanced Threats
For users wanting the highest level of protection against surveillance and traffic analysis attacks, using a VPN in addition to Tor may provide safety against hypothetical global adversaries performing sophisticated traffic analysis. The extra VPN tunnel could thwart attacks like traffic fingerprinting.
However, these kinds of advanced attacks are largely theoretical and exceed the capabilities of most real-world adversaries. Nevertheless, paranoia often pays off when it comes to privacy tools!
Circumvention of Censorship
In countries that block access to Tor, using a VPN tunnel can be one way to bypass that censorship to then access Tor. Many repressive regimes do not block all VPN services, since businesses use them for legitimate purposes. A VPN can provide cover traffic to conceal Tor usage behind.
However, users in high censorship environments also face the highest risks. VPNs keeping extensive logs could undermine anonymity gained through Tor. Individuals facing persecution should exercise extreme caution when attempting to circumvent state surveillance, perhaps even avoiding electronic communications entirely when lives are at risk.
The Case Against Using a VPN Before Connecting to Tor
Now that we've covered reasons why using a VPN could be beneficial, let's play devil's advocate and look at some potential downsides of adding another link to the privacy chain.
Additional Attack Surface Area
Connecting to Tor through a VPN essentially inserts another step that could expose vulnerabilities and harm anonymity.
Instead of only trusting Tor encryption and Tor nodes to handle your traffic securely, you now also have to trust your VPN provider to safeguard your privacy as well. One compromised element could undermine the whole chain.
So theoretically, a poorly chosen VPN provider actually decreases overall privacy instead of enhancing it. However, choosing a highly trusted VPN with a strict no-logging policy minimizes chances of a VPN becoming the weak link.
Performance Impacts
Routing traffic through a VPN before sending it to Tor adds latency and impacts connection speeds. All encryption has computational costs. So users may experience slower page load times by piping traffic through two encrypted tunnels rather than just one.
In the battle between speed vs privacy, privacy usually wins. But users on very slow internet connections could find browsing barely usable with both VPN and Tor enabled.
Potentially Easier to Fingerprint
Some arguments have been made that VPN and Tor together are easier to fingerprint by creating unusual multi-hop traffic patterns not seen in typical web browsing.
However, traffic fingerprinting Tor users over the public internet is largely theoretical and technically very difficult. Running VPN through Tor configuration rather than Tor through VPN configuration mitigates chances of fingerprinting as well.
Nevertheless, paranoid users wanting perfect anonymity may prefer Tor alone without adding more identifying information to the mix.
Doesn't Protect Against User Error
No combination of technical privacy tools can fully protect against user error resulting in de-anonymization. Accidentally revealing personal information is by far the most common cause of compromised anonymity when using Tor. Technical tools only provide the potential for anonymous usage, not guaranteed absolute anonymity.
Recommendations on Using VPN and Tor Together
So in summary - using a VPN when connecting to Tor offers both advantages and disadvantages. There are good arguments on both sides. In the end it comes down to personal threat models and individual preferences around the speed vs privacy tradeoff.
Here are my recommendations in various usage scenarios:
Low Censorship Environment
For users in free countries not attempting to evade state-level surveillance, using Tor by itself provides robust anonymity from most adversaries.
Adding a VPN into the mix provides minor additional privacy gains in exchange for some added complexity. If you don't mind slight speed impacts, then VPN+Tor offers enhancement. But Tor by itself is still excellent protection for the average user.
The one exception is users highly concerned about hiding Tor usage specifically from their ISP, in which case starting connections with a trusted VPN set to not keep usage logs can provide peace of mind.
High Censorship Environment
For users in countries blocking access to Tor, using a VPN tunnel to bypass blocking and then route traffic to Tor is an essential circumvention technique. This comes at substantially higher risk depending on regime, so all normal Tor anonymity precautions still apply.
The safest configuration for censorship circumvention is VPN->Tor rather than Tor->VPN, due to the ability to frequently rotate IPs on the Tor side.
Extreme Threat Model
For users facing severe consequences if de-anonymized and willing to sacrifice browsing performance in exchange for stronger anonymity protections, concurrently running VPN and Tor browser together does make traffic analysis attacks more difficult.
However, VPN+Tor still has weaknesses against global network adversaries. And no technology can fully protect against user errors resulting in self-de-anonymization. So even at higher risk levels, technology alone is not enough - strict operational security procedures must be practiced as well.
In the highest threat models like evading violent authoritarian regimes, experts actually recommend avoiding electronic communications entirely when lives are at risk rather than relying solely on VPNs or Tor.
Closing Thoughts
Using a VPN in combination with Tor is a complex topic with many nuances around security and threat models. There are reasonable situations where VPN+Tor provides more robust anonymity as well as scenarios where VPN undermines privacy.
For the majority of users, Tor by itself offers excellent protection for casual private web browsing. But routing Tor through an additional VPN tunnel does objectively increase privacy - though whether those gains are worth added complexity depends on personal priorities and individual use cases.
I hope this comprehensive analysis helps explain factors to consider around VPN and Tor usage. Please leave feedback and feel free to ask any other questions!