Public networks: VPN recommended for Qubes?

I currently want to pre pare my setup with Qubes + Whonix (and only using Tor on it) because my goal is it to maximize my privacy and to use the internet anonymously.
But I am very frequently in public networks. It is generally recommended to use VPNs when using public networks.
How is it with Qubes + Whonix?
I do not want the internet provider (like the hotel or whoever provides the internet) to be able to monitor me. Because many places like hotels demand your ID, and this could eventually get my internet traffic tracked

Thank you for your advice!

I use Qubes at public WiFi occasionally. A couple of good VPN providers if you aren’t interested in deploying in the cloud yourself are:

Mullvad [1]
Cryptostorm [2]

[1] =
[2] =

If you want an additional layer, I often see people recommend using a VPN between whonix and firewall-vm.

In terms of VPN provider, Qubes OS has no recommendation to make. You should decide your own proivder based on your own assesment in conjunction with your personal threat model - as well as other factors. Always remember that you can easily make your own VPN by taking a VPS/Tin with any provider and using openvpn/wireguard/blah/blah.

you can use vpn just if you want it, tor traffic is encrypted so vpn mostly used to hide tor here (tor bridge is better to hide to but Qubes + Whonix doesn’t support it)

you should read there instead of asking here (not all of us are privacy “pro”)

1 Like

Mullvad is my personal preference. Works wonderfully with WireGuard under Qubes.

I had Orbot, (which is a Tor client), on my phone at one time and I found that, by mistake, I was able to establish a Tor connection at many WiFi portal systems at many establishments without needing to log in. I don’t recommend doing this, and it probably doesn’t work anymore but, I’m Just saying. Its good to know out there in the world.

Thank you for the links, but the question was firstly if it is actually recommended to add a VPN in my situation.

Yes, thank you. The actual question was if it is recommended at all in my situation to add a VPN. What do you think about that?

Thank you for the link, I’ll look into it.
I didn’t know Tor bridges are not possible with Qubes + Whonix, how come?
And to have your estimation, would you recommend adding a VPN in my situation, or is just Qubes + Whonix (Tor always) enough?

Yes, mine too. The actual question was if it is recommended in my situation to add a VPN. What do you think about it, and why are you using one?

Thank you, but how is this related to my question?

Personally I use a VPN+Tor for things that are sensitive.
@tasket has a great comprehensive “Qubes-vpn-support” which is worth looking into as well. found here:

Many people say that VPN even decreases Tor’s anonymity. It’s hard to find a conclusion as the opinions are so different.
How do you think the VPN improves it if you already use Qubes + Whonix (Tor)?

I stick to a VPN provider that already knows nothing about me paying my subscription for the VPN service using Monero. They have proven not to keep logs in the time I’ve been using both Mullvad & Cryptostorm.

I don’t want LEO to know I’m using Tor at all, I prefer my network traffic to come up as garbage not Tor traffic. Sure using Tor bridges with obfs4 reduces that fingerprinting. I still like to take precautions. I’m always checking to make sure I’ve set up my browser, OS and network correctly. (I check it daily).

who sad that? can you post the link for me?

there is no such thing is no log

I’m not going to dispute that. As it reveals too much about myself (opsec).


  1. I trust my VPN provider more than my ISP

  2. Masks the fact I’m a Tor user from my ISP (Australia metadata retention laws)

  3. Protects against spying by local network adversaries

Recommendations firstly come down to Threat Model. Under my Threat Model, it’s advantageous to utilize a VPN. Part of my Threat Model strictly dictates that no cleartext traffic may leave my machines. I’m also concerned about ISP spying & future ISP surveillance by fact of being an extensive Tor user. Therefore utilizing a Trusted VPN provider is suitable for my use. But of course evaluate your own Threat Model.

You said it better than I, so you win the internet for today! :slight_smile:

OMG, i just read Australian laws and i shocked, i think privacy don’t even exists here