VPNs are a well-known tool used to provide privacy and security for your browsing data. Tor, on the other hand, is generally less well known, although it is relatively popular. Tor is an anonymity network with its own routing protocol used to communicate over the internet. Tor is an acronym that stands for “The Onion Router” which was the original project name. Tor uses multiple hops and encryption layers to protect its users from being identified and tied to their usage.
Both Tor and VPNs use encryption to provide security for otherwise unencrypted communications and to make traffic more difficult to analyse.
Both tools connect to remote servers to make it appear as if your traffic was coming from somewhere else.
While both Tor and VPNs connect to remote servers, Tor routinely connects through three different servers chained together. The three nodes are an “Entry node” which knows your IP address, an “Exit node” which knows what site you’re connecting to and a middle “Relay node” which is used to prevent the entry and exit nodes from contacting each other directly. This three-stage process significantly increases the difficulty of deanonymizing any connection. VPN server chaining is an option offered by some VPN providers, but it is generally non-standard as it causes higher performance impacts.
As part of the server chaining process, Tor selects a random path to the destination server, this means that the route can be long and is not designed for the fastest or lowest latency connection. VPN providers that offer double or triple VPN chains generally only have pre-set routes available rather than randomly creating one from all available resources.
While VPN services generally, with the exception of peer-to-peer VPNs, have all the infrastructure under the control of the VPN provider. Tor is a distributed, free, and open-source, community-driven project. This means that most Tor nodes are run by volunteers. Some may be home users, others run by businesses or privacy advocation groups for example. The upside of this is that a single bad actor cannot compromise the entire network. The downside is that it is a lot easier for a bad actor to affect their small part. There are known cases where tor exit nodes have been actively introducing malware into files downloaded in plaintext through them. There have also been cases where government agencies have been running Tor nodes as a “honey pot” designed to lure people in so their usage can be monitored for criminal activity.
The tor browser provides a direct method of accessing the hidden “onion services” on the dark web. Whereas most VPNs do not, unless an “onion over VPN” feature is offered.
Historically, a lot of research has gone into security analysis and deanonymizing the use of the Tor network. As node details are publicly available it can be relatively easy to identify that someone is using Tor, which can be treated as a red flag to target further investigations at the user. VPNs tend to be less associated with criminal activity than tor is and are less likely to draw attention.
The Tor browser can lure people into a false sense of security that all their data is being tunnelled over the Tor network. In reality, only the Tor browser traffic is transmitted through Tor. Whereas most VPNs apply their settings device-wide, meaning the communications of all apps are protected.
VPNs are a reliable tool to protect your privacy and security when browsing at home or when travelling. Tor is a tool for the specific purpose of making it as hard as possible to link you to your browsing activity. This comes with a number of usability drawbacks such as increased ping, decreased speeds, and recommendations against using browser extensions, for example.
Neither is necessarily better in general than the other, they each have their use cases. The one you should use depends on what you want out of it. If you want a VPN that is easy to use day in, day out, then you should be using a traditional VPN provider. If, however, you don’t trust any VPN providers and want to ensure that your usage cannot be tracked to you, even at the cost of usability and performance. Or if you just want to access a hidden onion service then Tor would be the tool you should use.
Some VPN providers offer an “Onion over VPN” service. These services connect to your VPN as normal, then connect from the VPN server to the Tor network. This stops the Tor network from ever seeing your real IP address, and prevents your ISP from determining that you’re using the Tor network. If you have a VPN that offers this feature and want to use the Tor network as well, you should make use of it. The extra performance impact over just using Tor will be minimal and it hides the fact that you’re using the Tor network.