Connecting to a VPN before using the Tor network provides an additional layer of privacy and security compared to using the Tor browser alone. This means you can use Onion over VPN to improve your safety on Tor, but you cannot rely on it entirely.
Onion over VPN helps to protect your traffic and shield your browsing from surveillance. It prevents your ISP from knowing Tor is in use, and stops your VPN service from monitoring your activity.
However, it is extremely slow and inconvenient compared to using the Tor browser alone. For this reason, we only recommend using this setup in extreme circumstances where security is pivotal.
In the table below, we’ve compared the pros and cons of Onion over VPN so you can decide if it’s worth it:
Pros |
Cons |
Provides an additional layer of encryption |
Cannot control IP address location |
Can access the Tor network in geo-blocked locations |
Extremely slow connection speeds |
Your ISP cannot see that you’re using Tor |
Exit nodes are frequently blocked by websites |
Your VPN service cannot monitor your browsing activity |
Your VPN service will know you’re using Tor, but not what you’re doing |
The Tor guard node cannot see your IP address |
Your VPN service knows your IP address |
Protects against certain forms of malware |
Tor only support TCP protocol |
Protects against complete de-anonymization in traffic correlation attacks |
At risk from malicious exit nodes |
Here’s a more detailed overview of how Onion over VPN offers additional security, and how it doesn’t:
Your ISP and VPN Service Cannot Monitor Your Activity
Tor is associated with criminal activity due to its affiliation with the dark web. For this reason, the use of Tor can mark you for surveillance by the government.
Using Onion over VPN reduces the likelihood of this surveillance as your ISP (Internet Service Provider) will not know you are connected to Tor.
Your VPN service will know you are connected to Tor. However, it cannot see your browsing activity within the network. Even if your VPN keeps connection logs, there is no way for your VPN provider to see exactly which websites you access within the Onion network.
Additionally, the Tor guard node will be unable to see your true IP address – only the IP address of your VPN server. This provides an additional layer of privacy.
Risk of Malicious Exit Nodes
A VPN encrypts all web traffic between your device and the VPN server. When using onion over VPN, your traffic is decrypted after passing through the VPN server and sent on to the Onion network.
Within the Onion network, your traffic is then encrypted and decrypted three more times before reaching its destination. The traffic is decrypted at the exit node, which means third parties can see what you’re doing but not who is doing it.
Tor is a community-based network where anyone can set up multiple nodes and, in theory, spy on your activity. When an exit node is set up to spy on or exploit Tor users, this is known as a malicious exit node.
If you access web servers via HTTP (Hypertext Transfer Protocol) when using Onion over VPN, your traffic is not encrypted between the exit node and the web server. This leaves you vulnerable to malicious exit nodes as your traffic is visible.
However, if you access web servers via HTTPS (Hypertext Transfer Protocol Secure) when using Onion over VPN, your traffic is still encrypted between the exit node and the web server. Although exit nodes will see the data packets transmitted, they cannot decrypt them.
Protection from Malware
Tor is often compromised by malware. When using Onion over VPN, your VPN can act as a barrier between your device and ransomware by shielding open ports through the firewall on the VPN server.
Open ports receive and transmit TCP and UDP communications. While open ports normally aren’t dangerous, they can be used to spread malware and gain unauthorized access to personal information on your device.
Although VPN software is not designed to protect you from malware, a VPN firewall can help prevent port forwarding which stops infiltrators accessing your device. This offers a degree of protection against malware, making Onion over VPN safer than Tor alone.
Security Against Traffic Correlation Attacks
Traffic correlation attacks occur when third parties observe your traffic to find a correlation between incoming and outgoing data.
It’s possible to analyze the timing, behaviour, and volume of traffic to identify the websites you are using at particular times. Onion over VPN can prevent attackers from completely de-anonymizing you, as your true IP address is hidden by VPN software.
If a government or state agency is behind the traffic correlation attack, they are still capable of legally forcing your VPN service to hand over any records they have related to the associated VPN IP address.
If your VPN service keeps connection logs, it may be possible to match these to your identity. This is one of the many reasons it’s important to use a VPN service that only logs necessary data.
Protection From UDP Data Leaks
Tor only supports the TCP protocol. This means UDP traffic, including Voice-over-IP, will have to travel outside the Tor network. This traffic may expose your IP address and online activity to third parties – known as ‘bad apple’ attacks.
Onion over VPN provides a layer of protection against this form of attack. Any leaked UDP traffic would still be routed via the VPN server in an encrypted tunnel, which means they cannot be used to identify you.
Data leaks can still happen if the VPN connection is lost, which means it’s important to understand which traffic is able to travel through the Tor network and adapt your online activity accordingly.
Access to Tor in Geo-Blocked Countries
It is legal to use Tor in most countries around the world. However, there are still some places where it’s banned, including Belarus, Turkey, and China.
VPN software allows users to mask their true location by connecting to a VPN server in a different country. This means you can use a VPN to download and use the Tor browser in highly-censored countries.
Some websites block traffic from Tor IP addresses, which means you may still have difficulty accessing some services with Tor. To solve this issue, using VPN over Tor would be a better solution.