Hello. I am wondering whether it would make any sense in terms of OPSEC to connect to whonix through a VPN, so the ISP doesn’t see Tor usage so clearly. I heard that if it’s done this way, VPN first —> tor, the Tor route/used nodes would always be the same? Or?
So, I’m using a VPN on all other qubes to provide privacy, but I’m wondering whether it is necessary to even bother with whonix, being reasonably secure already. And if so, why?
Tor will work the same if you use it behind a VPN; the circuit will change as usual (every dozen hours, if I remember correctly). This will hide your Tor usage from your ISP or anyone looking at your network traffic nearby (public hotspot etc…).
privacyguides dot org represents my stance completely. I have beaten my head against this controversy for years and years. I always use VPNs (one, sometimes two) before entering the TOR nodes, but NEVER after the onion exit nodes. That is really bad OpSec because the circuits won’t rotate as designed by the TOR team. While this is my .02, it comes from years of network engineering and some common sense. In addition, I have access to hundreds of physical servers and I never use a VPN server where I frequently connect to conduct “real name” workspace. Simply reserve a few dozen VPN servers for PRE-TOR circuits and don’t mix them. Another duhhhh.
Of course where possible you should connect via onion links so there is NO exit node, Duhhhh!!!
Don’t hate me folks, you have the right to disagree and I won’t be offended in the least!
ExpressVPN was purchased in 2021 by Kape Technologies, which also owns many other large VPN providers, such as Private Internet Access and Cyberghost.
PureVPN also provided logs and information in a 2017 case.
If anyone is looking for a trustworthy VPN service, they should look here instead:
Yes, it is better IF you don’t trust your personal ISP; you’re only shifting trust from your ISP to the VPN ISP.
Your setup should be:
you (bare IP)=>VPN=>Tor
If you want something more complex and potentially more secure, go for a setup like this:
Combine two or three proxies (this will slow down your connection to Tor even more); the purpose of this is to add an extra layer of obfuscation on top of the VPN traffic encryption.
These two setups will mask Tor usage from the ISP completely (potentially better than just using a Tor bridge) and make it harder, if not impossible, for the ISP to eavesdrop, also making it harder for whoever owns the exit node you are connecting to to run a correlation attack to de-anonymize you.
Take into consideration that this is only for network privacy; how you use your device and other variables determine how secure you could be.
You’re allowing your VPN to see all of your TOR traffic. Big NO.
Your exit node is exposed to the VPN ISP; they will hand all of your info to LE (if that’s your threat model). If your Tor traffic is associated with something “sus”, that can all be exposed easily through the setup you mentioned, since the VPN will have all of your TOR traffic.
If you’re browsing clearnet and want to spoof your IP, just use a proxy.
E2E encryption is provided by HTTPS, so stating that the VPN provider sees all traffic is not true (only the domain; same as a normal VPN). And I guess we agree that you shouldn’t use plain HTTP with Tor at all.
(It helps to visualize these things as tunnels within tunnels; someone here in the forum posted a great pic I currently cannot find. Otherwise thought experiments can quickly escalate into brain fucks.)
I once experimented, for fun and for learning networks, with Tor → VPN. My threat model was just not being ad-tracked by some big corp site that did not allow Tor but permitted VPN connections.
Using any other proxy certainly is an alternative, but wasn’t the question.
Yes, you get one single Tor circuit for the whole VPN session, which is used to establish a TCP connection to the VPN provider. There isn’t any stream isolation without reconnecting both VPN and Tor.
Hence the good hint regarding the recommendations by the Tor project.
I think the comment on correlation attacks was more about Tor -> VPN.
Normally Tor circuits are switched automatically on certain conditions like domain, port and so on. If I recall correctly, Tor Browser also switches after a certain amount of time within one domain. With VPN -> Tor you basically would have one single circuit for the whole VPN session. I have no idea what practical implications this has, but at least it works against some of the basic stream isolation principles of Tor.
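To make the stream isolation point above concrete, here is an added torrc fragment (not posted by anyone in the thread, and not Qubes or Whonix configuration) showing the knobs Tor itself exposes for deciding when streams may share a circuit. The option names and the 10-minute `MaxCircuitDirtiness` default are from the Tor manual; the port numbers are the usual ones but are assumptions for the example.

```conf
# Added example torrc fragment; illustrates how Tor decides which streams
# share a circuit. Not taken from the thread or from Whonix/Qubes.

# Tor Browser's usual SOCKS listener. Streams that present different SOCKS
# username/password pairs (Tor Browser sets one pair per first-party domain)
# are never put on the same circuit. IsolateSOCKSAuth is on by default, so
# it is written out here only to make the behaviour visible.
SocksPort 9150 IsolateSOCKSAuth

# A second listener for other applications (assumed port), additionally
# isolating streams by destination address and destination port.
SocksPort 9050 IsolateDestAddr IsolateDestPort

# A circuit that has already carried traffic is not handed to new streams
# once it is older than this many seconds (Tor's documented default: 600).
MaxCircuitDirtiness 600

# Caveat: when a VPN tunnel is itself carried through Tor, the tunnel is a
# single long-lived TCP stream to one destination address and port, so every
# rule above sees exactly one stream and one circuit for the whole VPN
# session. Isolation only applies again after both the VPN and the Tor
# stream are torn down and re-established.
```

The isolation flags decide when a *new* stream may reuse an existing circuit; they never split an already-open TCP connection, which is why a long-lived tunnel defeats them regardless of how the SocksPort is configured.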