I currently want to pre pare my setup with Qubes + Whonix (and only using Tor on it) because my goal is it to maximize my privacy and to use the internet anonymously.
But I am very frequently in public networks. It is generally recommended to use VPNs when using public networks.
How is it with Qubes + Whonix?
I do not want the internet provider (like the hotel or whoever provides the internet) to be able to monitor me. Because many places like hotels demand your ID, and this could eventually get my internet traffic tracked
If you want an additional layer, I often see people recommend using a VPN between whonix and firewall-vm.
In terms of VPN provider, Qubes OS has no recommendation to make. You should decide your own proivder based on your own assesment in conjunction with your personal threat model - as well as other factors. Always remember that you can easily make your own VPN by taking a VPS/Tin with any provider and using openvpn/wireguard/blah/blah.
you can use vpn just if you want it, tor traffic is encrypted so vpn mostly used to hide tor here (tor bridge is better to hide to but Qubes + Whonix doesn’t support it)
you should read there instead of asking here (not all of us are privacy “pro”) https://thenewoil.xyz/
I had Orbot, (which is a Tor client), on my phone at one time and I found that, by mistake, I was able to establish a Tor connection at many WiFi portal systems at many establishments without needing to log in. I don’t recommend doing this, and it probably doesn’t work anymore but, I’m Just saying. Its good to know out there in the world.
Thank you for the link, I’ll look into it.
I didn’t know Tor bridges are not possible with Qubes + Whonix, how come?
And to have your estimation, would you recommend adding a VPN in my situation, or is just Qubes + Whonix (Tor always) enough?
Personally I use a VPN+Tor for things that are sensitive. @tasket has a great comprehensive “Qubes-vpn-support” which is worth looking into as well. found here:
Many people say that VPN even decreases Tor’s anonymity. It’s hard to find a conclusion as the opinions are so different.
How do you think the VPN improves it if you already use Qubes + Whonix (Tor)?
I stick to a VPN provider that already knows nothing about me paying my subscription for the VPN service using Monero. They have proven not to keep logs in the time I’ve been using both Mullvad & Cryptostorm.
I don’t want LEO to know I’m using Tor at all, I prefer my network traffic to come up as garbage not Tor traffic. Sure using Tor bridges with obfs4 reduces that fingerprinting. I still like to take precautions. I’m always checking to make sure I’ve set up my browser, OS and network correctly. (I check it daily).
Masks the fact I’m a Tor user from my ISP (Australia metadata retention laws)
Protects against spying by local network adversaries
Recommendations firstly come down to Threat Model. Under my Threat Model, it’s advantageous to utilize a VPN. Part of my Threat Model strictly dictates that no cleartext traffic may leave my machines. I’m also concerned about ISP spying & future ISP surveillance by fact of being an extensive Tor user. Therefore utilizing a Trusted VPN provider is suitable for my use. But of course evaluate your own Threat Model.