I want to talk about the increased anonymity on the Internet and the improved security of web traffic that using both tools implies. There are advantages and disadvantages to doing so, and the order makes a difference.

TOR arguably provides stronger anonymity than a VPN, as your data first arrives on the network through a random node around the globe, where it bounces around with at least two other nodes, before passing through the exit node. Neither the ingress node knows where you are going nor the exit node where you are coming from. However, being anonymous does not mean that your activities are private.

A VPN encrypts your traffic. The advantage of using one is that your internet service provider is not aware of your internet browsing habits and network traffic. You are not anonymous, but your activities are 100% private (apart from VPNs that keep user logs and cooperate with law enforcement).

Using TOR over VPN encrypted VPN traffic would be transmitted to the Tor network via a couple of Tor hops before reaching its destination.

Advantages:

• Easy to set up
• Fast and stable
• The VPN provider cannot see the content of your traffic or its origin - only that you have connected to the Tor node.
• The ISP cannot see that you are using Tor, only that you are using a VPN.
• The Tor gateway node will see your VPN IP address and not your real IP address - Tor hidden sites are still accessible.

Cons:

• The VPN provider can still see your real IP address and provide that information to law enforcement.
• If you are sending unencrypted traffic, you are vulnerable to malicious Tor exit nodes.
• If your VPN suddenly goes down, your activities risk being exposed to your ISP.
• Without using a form of end-to-end encryption, you are putting all your trust in the exit node operator.

Using VPN over TOR, you first connect to the Tor Browser and then start your VPN; your traffic is encrypted after you are connected to the Tor nodes.

Advantages:

• Increased privacy from VPN providers, as they cannot see your real IP address.
• Your ISP cannot see that you are using a VPN, only that you are using Tor.

Cons:

• Very slow performance.
• You can only access hidden websites
• Very few VPN providers allow this configuration
• ISP providers do not favour the use of Tor
• The Tor network does not approve of this configuration as they believe that the VPN server can profile all your activities and that over time this can be extremely detrimental to the user.
• It is very susceptible to end-to-end synchronisation attacks that are used to de-anonymise VPN and Tor users by associating the times they connected to such anonymisation services.

Conclusion:
When using the combination of the two tools, it becomes exceedingly difficult for LE and other adversaries to identify you. At the end of the day, the option is up to you depending on what you wish to accomplish via your internet browsing and activities.

(October 26, 2022, 04:36 AM)onesandzeros Wrote: remember tor is tcp not udp
so use ur tcp profile

Nice summary thanks

Slow as fuck really

remember tor is tcp not udp
so use ur tcp profile

(October 26, 2022, 03:59 AM)Nutroid Wrote: Slow as fuck really

Yes it is, I'm not saying that this configuration will give you more performance, but it will give you more security, privacy and anonymity.

(October 26, 2022, 04:36 AM)onesandzeros Wrote: remember tor is tcp not udp
so use ur tcp profile

This is an important reminder that I will add to the OP as soon as I figure out how to do it, thank you.

thanks

Thanks for the summary dude

I have just been using a vpn because idk it feels like I should, but its interesting to see the actual pros and cons of doing so.

you know your stuff

(October 26, 2022, 04:36 AM)onesandzeros Wrote: remember tor is tcp not udp
so use ur tcp profile

Underappreciated comment in this context!
Exp. for "advanced" users who use WireGuard Protocol which does not support TCP tunneling!