Is it safe to use VPN in combination with Tor Browser?

Is that a good idea to use VPN and only after that launch TOR Browser for more anonymity?

For example I have ProtonVPN, and Im going to use double-connection (secure core feature), something like "MY PC -> Iceland -> Germany", and only after that Im going to launch TOR Browser.

The question is - will the TOR Browser get all data from Germany already?

Or it will ignore my VPN double connection and get all internet data from my clear ISP connection?

How can I be 100% sure? How can I check all routes of packages?

klexx15

Posted 2018-06-01T16:31:54.887

Reputation: 1

TOR does not guarantee your anonymity. If you are connected to a VPN, and whiled connected to the VPN, you connect to the TOR network. The VPN provider can identify you. There was a case of a student, who used his college internet provider to send in a bomb threat in order to avoid a test while connected to the TOR network, he was identified by the school since he was the only user connected to the TOR network at the time the threat was sent. – Ramhound – 2018-06-01T16:48:05.243

@Ramhound ok I heard about that case, and let's be honest - we do not know all details and mistakes that student made. Maybe this story is more like propaganda, saying "do not attempt to send bomb threats, even using TOR, we will find you!". Anyway, my key question was about technical organization of routes. Will TOR Browser get all packages from Germany or it will get all packages from clear connection? – klexx15 – 2018-06-01T17:10:27.743

Your ISP and VPN provider can determine if you are connected to the TOR network. Once you are connected to the TOR network, they cannot determine what you viewed, but they can determine you are connected to it. However, if you trust your VPN provider not to keep logs, then connecting to your VPN provider, then using the TOR browser would be the safest way. The story I describe is not propaganda. I still warn you your described scenario does not guarantee your anonymity – Ramhound – 2018-06-01T17:14:45.257

I think you must edit the Title of the question because it doesn't sound good. It's difficult to understand what is the exact issue you are trying to address. Please refer this link, https://superuser.com/help/how-to-ask.

– Rajesh S – 2018-06-01T17:46:37.667

"he was identified by the school since he was the only user connected to the TOR network at the time the threat was sent" the only one in the world? Good joke – Black – 2019-07-27T09:13:57.287

Answers

AirVPN, a commercial VPN provider, explained many of the technical challenges, risks, and benefits of using the two technologies together. I would only recommend using them together if you are a technical user and/or want to experiment.

If you want to use them together, I would recommend using a separate device for your OpenVPn connection, such as OpenVPN running on OpenWRT, pfSense router, OnionPi, (or similar) so that your PC can't get it's OpenVPN and Tor client connections screwed up. This corresponds with the section Using Tor over AirVPN of the AirVPN article.

From the article:

Using AirVPN with Tor Advantages
Additional privacy layer: our VPN server will not see your real IP address but the IP of the Tor exit node (you can check your Tor exit
IP in the Client Area) Option to connect to web sites under Tor protection, even to those sites which refuse Tor connections Access to Tor from all the applications transparently: no need to configure each application, one by one Support to non-TCP applications which can not be supported by Tor Access to AirVPN DDNS Access to AirVPN DNS and micro-routing against IP address-based geo-location discriminations Access to Remote Port Forwarding Avoidance of any traffic discrimination from Tor exit nodes (packets are still encrypted when they pass through Tor exit node) Major security layer in the event you pass through a compromised/malicious Tor exit node (packets are still encrypted when they pass through the Tor exit node)

Disadvantages:
Poor performance
Fixed Tor circuit for each OpenVPN session
Access to .onion sites only from browsers configured to connect directly to Tor
Notes
Browsing with the Tor Browser, or running any application configured to use Tor Socks, generates traffic that's always directed
to the Tor network and OUTSIDE the VPN tunnel. Technically because they use a connection that had been established before the VPN connection started. If you use the Tor Browser to reach https://airvpn.org, the bottom box will always show a red 'Not connected', with an IP address of a Tor Exit Node. This is because Tor browser enters directly the Tor network. If you use another browser (not configured to use Tor socks proxy), you will see the correct green box displaying 'Connected!'. Our client automatically works with the default torrc configuration file included in the Tor Browser Bundle. If you change something, for example Socks/Control ports or control authentication settings, you need to update AirVPN client options accordingly. In the torrc default configuration file of different packages, minor but essential modifications may be necessary.

... ... ...

Using Tor over AirVPN

Using Tor over AirVPN If you wish to connect over Tor over AirVPN:
Connect normally to an Air server, in any mode except Tor mode
Launch Tor after the connection to a VPN server has been established.
All the applications configured to connect over Tor will connect over Tor over AirVPN. All the applications not configured for Tor will simply connect over the VPN. Features:
Our servers can see your real IP address.
Our servers can not see your traffic content, real origin and real destinations.
The Tor entry-node will not see your real IP address, it will see the exit-IP address of the Air server you're connected to.
Your are not protected against malicious Tor exit nodes if you send/receive unencrypted traffic to/from the final host you connect
to.

Please note that, with the above setup, if you connect to our web site with a Tor configured browser, our web server will see your Tor exit node IP address, so the site will display a red bottom box, as if you were not connected to an Air server.

YetAnotherRandomUser

Posted 2018-06-01T16:31:54.887

Reputation: 1 494

A VPN makes it so that:

your ISP will only see that you are communicating with the VPN provider.
- Your provider must also tunnel and handle DNS requests otherwise your ISP can still see DNS requests.
your ISP can see the amount and time of each data exchange between you and the VPN provider, but not the content.
Internet traffic appears to be originating from the VPN provider (which can be in a different country) and not your ISP.

A VPN does NOT:

Allow you to be anonymous unless you have totally anonyous Internet service somehow - even if you pay cash, the VPN provider has to know your ISP-provided IP which is tracked to an account by your ISP.
Hide anything from the VPN provider.
Automatically allow you to safely assume what records the VPN provider is keeping, such as DHCP/IP logs, traffic captures, etc.
Allow the VPN provider to intercept and decrypt SSL traffic unless you blindly click through SSL warnings in your browsers or applications or there is a certificate compromise.

If you run Tor while connected to your VPN:

Your ISP can't know you are running Tor.
Your VPN provider will know you are running Tor unless you use a bridge relay.
Traffic you send through Tor won't appear to be coming from your VPN provider, but a Tor exit node.
Tor traffic is encrypted in transit so VPN provider (nor ISP) can see that traffic.
VPN provider can see amount and time of each data exchange between you and Tor nodes, but cannot correlate this to specific sites as by design Tor uses new circuits constantly, so the nodes used are always changing.
ISP can see amount and time of each data exchange between you and VPN provider, but would be very difficult to correlate this with Tor activity unless you would be known only to use Tor over VPN.

Tor does NOT (no matter if VPN is involved or not):

Prevent you from disclosing information as part of what you send over Tor.
- For example, if you fill out a web form saying "My IP is X.X.X.X and my name is XXX", Tor will send this and the recipient will get it.
- Some protocols can leak this information as part of how they work if not designed to be used with Tor.
Protect you from Javascript if you enable it. Javascript in websites can leak a lot of information about your system, browsing history, etc that uniquely identify you.

So stick to browser designed to be used with Tor and follow all recommendations.

LawrenceC

Posted 2018-06-01T16:31:54.887

Reputation: 63 487