Tor vs. VPN

16 May 2013 |

Update, August 2013: Wired magazine reported that TOR has been compromised by the FBI and many TOR users could be identified via malware that they injected into certain sites. Unless you take big technical precautions, TOR is starting to look like a weaker option for anonymity. You can read our summary here.

What is Tor?

Tor is an anonymity network that provides free software designed to allow you to access the internet anonymously. Unlike VPN, where the VPN provider knows your real IP address, and can see your internet traffic at the exit point (the VPN server), with Tor your signal is routed through a number of nodes, each of which is only aware of the IP addresses ‘in front’ of the node and ‘behind’ it, so that at no point can anyone know the whole path between your computer and the website you are trying to connect with.

The name Tor originated in the acronym The Onion Router, which was developed by US Navy and refers to the way in which data encryption is layered, being re-encrypted multiple times as it passes between randomly selected nodes.

Tor is therefore considered an extremely secure way to access the internet while keeping your true identity hidden.

Tor is endorsed by many civil liberties groups, including the Electronic Frontier Foundation (EFF), and has been widely praised for allowing dissidents, whistleblowers and human rights workers to freely access the internet, express their views, talk to journalists, and otherwise become involved in political activity that has been banned by their own repressive regimes.

It does of course also allow criminals to act with impunity, and famously allows access to the underground market The Silk Road, which only works when connected to using Tor. Those interested in the ethics of internet anonymity should keep a lookout for our upcoming article on the subject.

How Tor works

As we noted above, Tor passes data between a number of randomly selected nodes, encrypting it each time. Each node knows where signal comes from and the node it is going to, but cannot see the whole route (circuit).

htw1

For reasons of efficiency these relay circuits are randomly reset every 10 minutes so that your actions cannot be linked to earlier actions.

htw2

Each node is run by a volunteer, and therefore the more volunteers there are, the more secure the whole Tor network is.

htw3

Volunteering to run an exit node is therefore of great service to the Tor community, and strikes a meaningful blow for freedom and against oppressive censorship. It is also not difficult to set up. However, running an exit node means that other Tor users’ activity, including potentially highly illegal activity, will appear to originate from your IP address, which may lead to trouble. There is an article on how to minimize the risks available here.

Installing Tor

Installing Tor is very easy these days (it used to be a little more complicated), and it is available for Windows, OSX, Linux/Unix and Android.

In Windows you need only download and run Tor package, which will self-extract into a directory of your choice (no additional installation files are added to your computer.

tor 3

Double-click on the ‘Start Browser.exe, and the connection dialogue will start.

pic_1

Once connected, the Tor client starts a customized version of Firefox Portable. Not only is this very lightweight, but it allows you to carry a version of Tor with you on a USB stick (for example) so you can easily access the internet anonymously from any PC.

tor 2

You can now surf the internet anonymously! The Tor service can be tuned on and off using the Onion icon, or customized using the icon’s drop-down menu.

Tor also provides a customized version of the Tails Live CD/USB Linux based distro, so you can boot directly into a secure OS.

Tor vs. VPN

As you can see, the purpose of Tor is very similar to that VPN’s primary purpose – to maintain internet users’ online anonymity and to evade firewalls. Like VPN, it can also be used to spoof geo-location by the user continually re-connecting until the exit node is in the desired country (quite easy if you want a US based exit node, less easy for smaller or less internet connected countries).

However, not only is the technology used quite dissimilar (for a discussion on how VPN works see here), but they are also quite different in use.

Tor advantages

  • No-one can trace you to external IPs visited
  • Distributed network – almost impossible to shut down or attack in a meaningful way
  • Free

Tor disadvantages

  • Very slow – because your data is randomly bounced through a number of nodes, each of which could be anywhere in the world, using Tor can be painfully slow
  • Not suitable for P2P filesharing – while there is no way to stop you from using BitTorrent over Tor (and people do it) it is a) very slow, and b)  very bad form as it slows down the entire network for every other user, for some of whom access to the internet via Tor may be of critical and possibly life threatening importance
  • While it can, at a pinch, be used for location spoofing (see above), Tor is a very fiddly and inefficient way to go about it. In addition to this, the slowness of Tor means that using the service to stream geo-restricted media services is unfeasible.

VPN advantages

  • Fast – generally speaking you will see very little slowdown to your raw internet connection speeds  when using a VPN service
  • Location spoofing is very easy – most VPN providers offer servers in many locations worldwide. Because connections are fast, VPN is ideal for streaming geo-restricted media content
  • Ideal for P2P filesharing –  while many providers prohibit it, many are set up with filesharing in mind

VPN disadvantages

  • The VPN provider can see your internet activity – and in many countries is required by law to keep records of it, which may be handed over to the authorities or to copyright lawyers. VPNs are also vulnerable to server raids by the police, in an effort to obtain the information they may contain. This is why it is vital to choose a provider who keeps no logs (and is in a position to keep this promise). Of course, even when a VPN provider promises  to keep no logs, you must trust them to keep their word …
  • Costs money (although typically under $10 a month, or less if you buy in bulk)

Conclusion

The great advantage of Tor is that you do not need to trust anyone – your internet use is completely anonymised. However it is very slow, and largely as a consequence of this, it is not suitable for many of the most popular activities people want to use VPN for, such as filesharing and streaming geo-restricted media content.

As long as a trustworthy no logs VPN provider is used, then VPN is a very secure, consumer oriented privacy solution that provides much greater performance and flexibility than Tor can offer.

If, on the other hand, you are a mafia whistleblower,  or a dissident living under regime in which it would be very dangerous to be caught performing certain activity (such as writing political blogs), then Tor is the safest solution.

Just remember that there is no such thing as a 100% guarantee of anonymity, whichever route you take. There are always, at least potentially, loopholes in any security arrangement, and individuals often give their true identifies away through patterns of behavior, unguarded comments made while  on-line, or any other number of simple and not-so-simple mistakes.

Using VPN with Tor

It is possible to use Tor and VPN together for increased security and privacy, and we now have an article on this subject available here.



Did you like the article? Help spread the word and share!
Written by Douglas Crawford
I am a freelance writer, technology enthusiast, and lover of life who enjoys spinning words and sharing knowledge for a living. Find me on Google+

7 Responses to “Tor vs. VPN”

  1. Manolo says:

    Very good article, thank you ;)

  2. joaco says:

    Thaks for this, it’s exactly what I was looking for. Tor ther I go!

  3. response says:

    which do you start first, tor or the vpn,
    so does it matter which works inside the other? how does all of that work? (don’t guess please, only answer if you have a clear and definate understanding -thanks!)

    • Douglas Crawford says:

      Hi response,

      I have written an article on Using Tor and VPN together, which discusses just this question in detail. The short answer is that connection to Tor first is better, as it hides your true IP address from even your VPN provider, while also protecting you from malicious Tor exit nodes and bypassing blocks on Tor exit nodes.

  4. Anonymous says:

    You cant compare Tor and a VPN. They are apples and oranges but people treat them as competing products. But I can tell you this for low threat situations like surfing while avoiding google analitics but for high threat situations like journalism in the mid-east use Tor.

    • Anonymous says:

      I forgot to say that in low threat situations use a VPN I forgot to put VPN in there.

      • Douglas Crawford says:

        Hi Anonymous,

        Well, both VPN and Tor provide privacy while surfing, and hide your IP from the outside world. You are correct, however, about the threat models they best address – VPN is best for lower threat situations where internet performance is an issue. Tor is best when very high degrees of anonymity are required, but will destroy internet connection speeds. For even greater privacy/anonymity, it is possible to use VPN and Tor Together.

Leave a Reply

Recent Posts

Support Privacy

BestVPN.com sometimes receives monetary compensation from some listed VPN providers. We proudly donate to:

EFF

privacy international

IDL

Fight for the future

WAIT! 20% OFF AN AWESOME VPN TODAY!
SIGN UP TO OUR NEWSLETTER AND GET THIS DEAL RIGHT NOW
We have a weekly privacy news summary and will also send you great discounts, coupons and deals on VPN services.
JUST ENTER YOUR EMAIL TO GET THIS DEAL
Your Information will never be shared with any third party.