The Internet was not built to protect user privacy and safety. Its flexible protocols allow people to build unique software and applications, but they still need to be protected. In this article we will try to investigate whether the combination of Tor and VPN can help you truly anonymity on the Internet?
Tor is a project designed to protect users since 2002. It is an open source browser that allows users to anonymously communicate online. Tor was first developed by Syverson and computer scientists Roger Dingledine and Nick Mathewson, and was originally called The Onion Routing (Tor) project, due to its encryption layers.
The Tor Browser and VPN are similar because they share the same purpose, but differ in their technological approaches. While the two still hide users’ identities, and ensure their web activity is private and encrypted, there are certain advantages and disadvantages to these two. That’s why using these two kids at the same time is the safest decision to ensure digital privacy.
How does Tor work?
Tor originally used a system developed by the US Navy to protect intelligence communications. It compresses your data to become smaller and encrypts the compressed data before it first sends them through a web of large nodes that can be run by anyone. The path has been selected at random and predefined, your traffic will go three minimum three transition nodes before reaching the last nodes.
Every time traffic passes through a forwarding node, an encryption layer is removed, and once that encryption layer is removed, reveals the next forwarding notes to which the traffic will be sent. Each forwarding node will only be able to decode enough data to locate the next nodes and the nodes to which traffic has been sent.
Exit nodes will remove the final encryption layer. It can see the user’s location or IP address, but Exit nodes can see user activity if they visit an insecure website (not HTTPS).
How does a VPN work?
A regular VPN works much simpler because it has a third-party support. Your VPN provider encrypts all of your data and browsing, directing all traffic to a remote server owned or leased by them. Users can typically choose worldwide named servers, so they can unlock content based on your location while browsing. For example, when using Google News, you will see articles in Vietnam because your current location is Vietnam, while using a VPN to the US for example, it will provide articles in the US.
A decentralized VPN will mimic Tor’s architecture much more closely. As a peer-to-peer (P2P) system, users will access a global network of nodes that are voluntarily operated by everyone. However, the nodes get paid to provide the VPN service and keep their network up and running.
An example of this activity is the Mysterium Network. This DApp (decentralized application) allows people to choose to connect from a list of nodes (mostly residential IPs) from around the world. Traffic is encrypted and the user pays the nodes for the number of minutes they have connected and the traffic they are sending through the nodes.
Full breakdown of Tor’s fundamental differences from VPN and dVPN
For comparison, I use Mysterium as an example of dVPN, although there are other projects, and each project has its own technical approach, solution and advantages.
Network design
dVPN: A set of global nodes (often running in people’s homes) that make VPNs work by sharing their P2P bandwidth in exchange for cryptocurrency or something else. Users can easily become a nodes and can also download VPN applications to select global locations using the nodes ID.
Tor: The main goal of Tor is privacy and anonymity. It is a browser that keeps you anonymous by sending your traffic to different nodes. Your traffic cannot be tracked as each node is encrypted with traffic and hidden from the source IP.
VPN: not a network, but a globally centralized VPN service that uses servers of data centers around the world in hundreds of different locations. VPNs also allow the use of P2P on certain servers and can provide additional dedicated IP addresses, Double VPN, Onion Over VPN, connected to the Tor anonymous network.
How do nodes get additional income and reward?
dVPN: The P2P network allows nodes to set their own prices based on supply and demand. This unique payment system uses cryptocurrencies for transactions, so nodes can sell their bandwidth within a certain amount, to ensure safety and convenience.
Tor: Tor does not pay for nodes. All nodes are run by volunteers. Hence the nodes on the Tor network are still relatively small (After more than 10 years of development, Tor still has only 6500 exit nodes).
VPN: Nodes get paid in VPNs because these businesses own the infrastructure and serve the end users of the service. (Easy to understand, because VPN eats money from users, it has money to pay for nodes and also makes VPN more developed).
Online nodes
dVPN: Anyone can run a node using their computer or even a mini computer like a Raspberry Pi. Logically, even mobile devices can be powered to run nodes. The runners of nodes can link those nodes to an e-wallet address through an easy-to-use dashboard that can track income there.
(probably find out and then show them to you to try)
Tor: Anyone can create and run a Tor nodes. However, Tor has many different technical requirements, so Tor advises you not to run forward nodes (ie not exit nodes) from the consumer level, for fear of your computer being unable to stand it.
VPN: VPN companies manage their own servers and exit nodes, so all setup and maintenance is done by the company’s employees. By paying for the service, users get access to the VPN.
Costs and fees
dVPN: Users pay with electronic money, each time they use they will pay for how much bandwidth used based on the price that the nodes set. Nodes make money directly from the users of this VPN service. They pay a small fee to the payment centers to validate their payments, called a settlement fee or remittance fee, similar to miners that pay to process transactions in blockchain network.
Tor: Free to use.
VPN: Monthly subscription model, instead of a pay-per-connection structure. Sometimes users are even motivated to pay for a 3-year subscription (the marketing is over).
User security
dVPN: A layer of fast security and can be combined with VPN to protect more privacy, it is built so that different protocols can connect to nodes. Traffic slicing can send traffic to different services through different nodes. Thanks to protocols like Wireguard and OpenVPN, user traffic is encrypted, so even ISPs can’t see what’s going on.
Tor: Although Tor has better privacy or anonymity settings and is great at hiding your browsing activities, your ISP can still see that you’re connected to Tor. This can lead to your ISP monitoring you, as US government agencies (FBI / NSA) are constantly trying to crack Tor and discover user activity. Owners of entry nodes can see your real IP address. After these nodes hide your address, the rest of the nodes will no longer know who you are. Nodes will eventually see your traffic, but will not know your identity. There are some risks to using the network, but this is the best privacy option available right now.
VPN: Traditional VPN services route all Internet user’s traffic through a remote server, hiding the IP address and encrypting all incoming and outgoing data. For encryption, they use technologies like OpenVPN and Internet Key Exchange v2 / IPsec in their applications. One company admitted their server was hacked because an expired private private key was revealed, potentially allowing anyone to clone their company’s server. Additionally, the VPN exit node knows the user’s IP, destination address and in many cases (for fiat payments) even the user’s identity (name, email,….). If the destination is unencrypted (for example, not using udnjg HTTPS), they can see the content you’re accessing.
Policy
dVPN: No activity log! The distributed architecture eliminates any possibility of earning or logging operations.
Tor: Some theories suggest that some nodes are run by malicious actors (such as the NSA) that has the ability to control nodes to monitor user activities. The network itself cannot store logs, however Tor’s entries and exit nodes can see your traffic or IP address, but putting the information together to identify you will need a lot of effort. force.
VPN: In theory, a VPN “can” keep the logs of users, but there are also many parties who commit to the policy of not keeping the logs of users. However, no one can really be sure that they are not cooperating with the government or that they are not selling users’ browsing data to third parties.
Ease of use
dVPN: dVPN applications are simple to use via PC or mobile apps. New nodes can be set up in just 5 minutes or 5 steps using simple, user-friendly control panels. There is a team of knowledge and support ready to help you. Users will need some basic understanding of cryptocurrencies and must have an Ethereum wallet set up (or have a cryptocurrency exchange account) in order to make payments.
Tor: Anyone can download and install the Tor browser to connect to the internet (just like any other browser). However, the Tor browser is quite slow (because all of your traffic has to go through many nodes). Hence its actual usability is affected (eg, it is not possible to unlock the website content) but the downside is the trade-off for better anonymity. For nodes, there must be a minimum of 100GB of outgoing traffic (and the same incoming traffic) per month.
VPN: Some VPNs have intelligent algorithms that automatically choose the best server for you based on your location, or meet your special requests. VPN apps are also easier to use, support convenient payment methods (such as credit cards), and have 24/7 support.
Technique
dVPN: Like most P2P infrastructures, the more people join the network, the faster and more powerful the network becomes. The Mysterium micropayments system is a 2-layer home solution. It is built to handle large volumes of users and translation, making the network faster and more scalable.
Tor is currently used by more than 1 million users. Due to its dispersion properties, the lattice could theoretically grow larger. However, it will require a much higher number of nodes. Unfortunately though, there are millions of users. Tor has not seen a major growth in nodes because it is a free service run by volunteers. With no quantity for nodes, it can only grow in terms of users.
VPN: Depends on the amount of high bandwidth and fast connection speed to provide optimal service to their users. Often using multiple implicit protocols to ensure their networks can scale and adapt to different needs.
Compatible
dVPN: Android, macOS, Windows, Linux.
Tor: Android, Windows, Mac, Linux and is supported in the Brave browser.
VPN: Android, Windows, Mac, iOS, Chrome / Firefox extension, Linux.
Open source?
dVPN: Absolutely! Transparent and collaborative from Ground Zero – check out the Myst codebase.
Tor: a pioneer in the open source movement – take a look at the Tor codebase.
VPN: No – VPN is proprietary and it is closed source. You can just imagine what they do with your data saved in their server.
Exploit?
dVPN: Of course.
Tor: Yes, but it doesn’t use blockchain for payments.
VPN: No.
Network status
dVPN: Direct testnet – about 900 nodes with more than 600 nodes at any given time.
Tor: Approximately 6500 exit nodes.
VPN: Depends on the size of the VPN provider, but the largest can provide more than 5200 servers in the past 59 countries.
So, Tor or VPN and why not choose both?
Tor and VPN are complementary security solutions, so they can work together to increase your security and anonymity.
There are two methods to unify Tor with a VPN:
VPN over Tor: connect to Tor browser first, then activate your VPN. This is a more complicated method as it requires some manual configuration. Since your VPN server acts as exit nodes, exit nodes owned by Tor will not strip off the final layer of encryption to know your activity. While your ISP can tell you that you’re using Tor, it can track your activity and keep your IP address hidden from the VPN service.
Tor over VPN: Connect to your VPN, then open the Tor browser. Your VPN will encrypt all of your traffic before it goes over the Tor network and also hides your IP address. It also hides the fact that you are using Tor from your ISP. However, if your VPN provider keeps logs, they can see your usage of Tor. This is why this method is best when you use a decentralized VPN, as it doesn’t keep logs of your users.
Both Mysterium and Tor can be paired together to ensure the best security. One of the most reviewed features of Mysterium is to expand your whitelist in such a way that your traffic only exits through one Mysterium’s IP nodes, while the rest of the traffic will be routed. continue over the Tor network. In this way, Mysterium users will access un-geoblock content, and the person running nodes will not risk unwanted content passing through their nodes.
Big picture
Decentralized private networks like Mysterium and Tor are foundations, open source technologies that have managed to develop large, community-based technologies without any support. However, we have a rather different point to consider, while regular VPNs protect their users (with money), I still believe the battle against surveillance and censorship is a split. share (free).
Tor helped launch anonymity revolutions in here and now the dVPN industry is evolving even further. In the case of Mysterium, an unreliable payment system and a P2P micropayment system could turn out to be a game changer and would lead to an increase in exit nodes much higher than they currently are.
