Noob question about VPNs, does running tor with another vpn running make the security any better or just redundant?

Noob question about VPNs, does running tor with another vpn running make the security any better or just redundant?

I use a VPN 24/365 to protect the non-Tor traffic of my system. Then when I want to access an onion site, I launch Tor Browser and thus have Tor over VPN.

Tor Browser is secure by itself. Tor Browser doesn’t need help from a VPN. VPN doesn’t help or hurt the Tor traffic. VPN is there for the non-Tor traffic.

That said, neither VPN nor Tor/onion are magic silver bullets that make you safe and anonymous. VPN mainly protects your traffic from other devices on same LAN, from router, and from ISP. Also hides your home IP address from the destination web site. TorBrowser/onion does all of that too, but only for Tor browser traffic; also adds more hops to make it harder to trace back from the destination server to your original IP address, and also mostly forces you into using good browser settings. Both VPN and Tor/onion really protect only the data in motion; if the data content reveals your private info, the destination server gets your private info.

It will rarely hurt and rarely help.

If you want a more detailed and qualified answer, read this post by Matt Traudt: https://matt.traudt.xyz/posts/vpn-tor-not-mRikAa4h/

Short answer: better but not always necessary

using a VPN will almost always be negative. sometimes in terms of just speed. but other times it can completely compromise your anonymity

It depends on who your adversary is.

A VPN can help deflect attempts to identify Tor traffic on the local network and ISP level. This can be big if:

1. You’re on a public network that blocks/monitors Tor users.

2. You’re in a country where Tor is illegal.

3. Law enforcement is already on to you, and they have a pen register on your IP.

It is very unlikely to help you from being mapped out by three letter agencies; assume that intelligence agencies with unlimited resources and no real legal oversight have every ISP and VPN service directly piping all of your data straight to them – wittingly or unwittingly by the service providers – because in all likelihood, they do.

VPN mainly protects your traffic from other devices on same LAN, from router, and from ISP. Also hides your home IP address from the destination web site. TorBrowser/onion does all of that too, but only for Tor browser traffic

What do you mean “for only Tor browser traffic”? Is this .onion websites?

Why wouldn’t tor hide your IP from your LAN/router/ISP if you connected to a regular clearnet website?

Here is my argument that a VPN moderately helps:

Tor is mainly used by criminals. We can pretend that whistleblowers and privacy-oriented people use Tor. But a large portion of the regular internet bans IP addresses from Tor exit nodes. Tor is pretty slow. Tor is pretty inconvenient.

What is the point of publicly announcing to your ISP that you use Tor? If you use a VPN you can at least hide that fact. I also think it is not OK to use the bridge service, as that should only be for users in countries that have criminalized Tor usage. Those of us who live in countries where Tor is legal shouldn’t occupy the bridge service.

I know that you might say this is bad, if more people used Tor openly than the stigma would go away. While that is true, we are not there yet. As long as there is a stigma I will hide my Tor usage behind a VPN.

Second argument, directly addressing your link. I would like to hear your response if you have some time:

He argues that if the NSA can either 1) own a large number of Tor entry/exit nodes or 2) monitor the traffic going into the entry nodes and the traffic exiting the exit nodes, then the NSA is obviously powerful enough to monitor the traffic going into and out from your ISP, and get your IP.

I don’t think it is fair two merge point 1 and 2 in the premise and derive the conclusion of the argument.

I would grant that if the NSA was not owning any Tor nodes, yet sophisticated enough to monitor the input/output traffic, that yes then the NSA is clearly sophisticated enough to monitor and correlate the traffic from your VPN provider and discover your IP.

However, I think that if the NSA was instead simply owning the Tor nodes, and lacked the technical capability to monitor input/output traffic, then using a VPN would at least keep your IP address safe. I don’t think that the NSA simply owning the Tor nodes shows that they are sophisticated enough to correlate your VPN packets.