Hello, my name is Nicholas Cuts. I am an employee of SwitcherryVPN company. In my new article, we will compare two popular technologies designed to ensure the safety, anonymity and privacy of ordinary network users – VPN and the Tor onion router. You will learn how VPN and Tor work and what methods they use to protect user traffic from tracking. The article details the advantages and disadvantages of each technology, and a direct comparison using examples taken from everyday practice will help you determine when it is better to apply each of the two.
The Internet has not been a secure environment since its inception. An army of thousands of hackers is hunting for confidential data of network users 24 hours a day, 7 days a week. Attackers are interested in literally everything – from your bank account and card numbers to any information that can be used for blackmail. The governments of some countries, in which censorship and total supervision of citizens are legally enshrined, are not lagging behind criminals. Even in those countries that are generally considered “free and democratic”, the government obliges Internet service providers to track their customers’ online activities and record them in a log (which is kept for up to six months).
All this means that public authorities of any country, in spite of statements about privacy, can legally access the most confidential data of Internet users if they wish. Against the backdrop of continuous attacks on privacy, both by criminals and by representatives of government agencies, ordinary users are faced with an urgent question: how to protect themselves from total surveillance on the Internet? People who already know about the existence of technologies designed to ensure the anonymity and privacy of Internet users put the question more specifically: which to choose, Tor or VPN? What will protect your privacy better? This article gives comprehensive answers to these and other questions related to the main topic.
Table of contents
- 1 What is VPN and why is it secure
- 2 VPN advantages and disadvantages
- 3 What is and how does the Tor onion router work
- 4 Tor advantages and disadvantages
- 5 VPN vs Tor – head-to-head comparison
- 6 Conclusions
- 7 FAQ
What is VPN and why is it secure
VPN – “Virtual Private Network” – is one of the most advanced technologies for secure data transmission. “Virtual” here means that a secure VPN network is created on top of an existing, “real” insecure network, in our case the Internet, and “Private” means that the data transmitted in VPN networks becomes inaccessible to outsiders. VPN networks are deployed by various enterprises and organizations, both for their own needs and for servicing private and corporate clients. Companies that provide VPN services are called VPN providers. VPN works as follows: a VPN provider deploys a network of servers with special software installed, which is called a “VPN server”. Clients of the VPN provider, in turn, install programs or applications on their devices, called a “VPN client”. When a VPN client connects to a VPN server, a so-called “tunnel” is created between them – a secure connection.
Since the VPN is created on an open network, all traffic passing through the VPN tunnel can still be intercepted by any attacker. The ISP, of course, also has full access to the data transmitted through the VPN tunnel, since the traffic coming from the client’s device cannot physically bypass the ISP’s server. But neither the hackers nor the ISP are able to determine what kind of data goes through the VPN tunnel, since all information passing between the VPN client and the VPN server is encrypted. The security of the VPN tunnel is determined by the cryptographic protocol used. Some protocols are considered obsolete and weak (e.g. PPTP) and are best not used. Others, like IPSec and OpenVPN, are strong. VPN tunnels created using weak cryptographic protocols.
An important feature of a VPN connection is the substitution of the user’s own IP address with the IP address of the VPN provider’s server. When a user goes online without taking any precautions, his IP address is “visible” to all Internet resources that he visits, and when downloading files from torrents, the user’s own IP address is “visible” to absolutely all participants in the torrent network. Naturally, the ISP also “sees” and records in its logs which sites the user visits, which files they download, whether they use a torrent, etc.
VPN advantages and disadvantages
As stated above, security depends on the encryption protocol used. The more reliable the cryptographic protocol, the higher the resistance of the VPN tunnel to hacker attacks and hacking attempts. Weak encryption protocols are easy to break, so the connection created on their basis is insecure.
Another risk factor is VPN client and VPN server failures. If the VPN client crashes or there is a problem on the server side, Internet traffic will flow past the VPN tunnel, nullifying the security of the connection. Therefore, all good VPN clients should have a built-in Kill Switch that blocks the Internet connection in the event of any software failure, both on the client side and on the server side. I wrote about checking my VPN for security here.
Anonymity and confidentiality
Since redirecting traffic through the VPN server and encrypting it takes additional time, the Internet speed for VPN users will decrease to some extent. How much depends on whether the VPN provider has modern, powerful, high-speed servers and on the total number of these servers. In other words, if two companies have the same number of users, then the one that has more active servers will provide a higher data transfer rate to its customers. The best VPN providers have thousands of high-speed servers, so the Internet speed drops only slightly for their customers. Companies that provide VPN services for free, as a rule, have few servers and quite a large number of users, which is why their data transfer speed drops dramatically. You can learn how to check the speed of your VPN from this article.
Supported Operating Systems and Devices
VPN is out of competition here. VPN apps exist for all popular operating systems and most devices.
Selecting and changing geolocation
To change geolocation, the user needs to change the VPN server. The best VPN providers have servers in almost every country in the world. If you are using a VPN client to connect to the VPN, you can select a new VPN server for geolocation with one click. If the VPN connection is configured directly in the operating system or on the router, then you will have to contact the VPN provider to get the data to connect to another VPN server located in the desired geographic area.
Installation and configuration
Installing a VPN client is no different from installing any other program. Once installed and launched, the VPN client is fully operational. It is somewhat more difficult to set up a VPN directly in the operating system or on a router. But, following the step-by-step instructions, an ordinary user can easily set up a VPN on their computer, phone, tablet or router on their own. Using a VPN is also very simple; the main thing is not to make common mistakes.
What is and how does the Tor onion router work
Tor is arguably the most advanced technology for anonymizing Internet users. The Onion Routing principle was invented by one of the US Navy laboratories. Tor is currently being developed primarily by enthusiastic volunteers, but the Department of Defense and the US Department of State are still funding the project.
The onion network consists of several thousand servers – “nodes”. The word “onion” means that traffic passing through the network is wrapped in several layers of protection, like the layers of an onion. Ordinary users get access to the onion network using the free Tor browser.
Before sending data to the Tor network, the Tor browser encrypts it three times using three different keys. The data passes through at least three randomly selected nodes in the Tor network. Each of these nodes receives its own decryption key, so that the data is completely decrypted at the output. In addition, the secure TLS data transfer protocol is used between the Tor browser and the entry node. That is, the traffic between the Tor browser and the entry node of the Tor network will be encrypted in any case, even if the target site uses the insecure HTTP data transfer protocol.
Traffic going in the opposite direction (from the target site to the Tor browser) undergoes the same transformations, that is, it is encrypted three times at the entrance node of the Tor network and finally decrypted by the Tor browser on the user’s device.
The main advantage of Tor’s multilayer onion routing is complete anonymity at every layer. The entry node knows only the IP addresses of the user and the intermediate node; the name of the target site and the IP address of the exit node are unknown to it. The intermediate node knows only the IP addresses of the entry and exit nodes, and the exit node knows only the IP address of the intermediate node and the name of the target site.
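The layering described above can be traced in a short Python model. This is an added example, not code from the Tor project: the SHA-256 keystream is a toy stand-in for a real cipher, the pre-shared per-node keys are an assumption, and the IP address, domain and request are constructed sample data.

```python
import hashlib, json, os

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (illustration only): XOR with SHA-256(key|nonce|counter)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(key: bytes, next_hop: str, data: bytes) -> bytes:
    """Add one layer: encrypt {next hop, inner data} under a single node's key."""
    nonce = os.urandom(16)
    body = json.dumps({"next": next_hop, "data": data.hex()}).encode()
    return nonce + xor_stream(key, nonce, body)

def peel(key: bytes, blob: bytes) -> tuple[str, bytes]:
    """Remove one layer; raises ValueError if the key does not match the layer."""
    layer = json.loads(xor_stream(key, blob[:16], blob[16:]).decode("utf-8"))
    return layer["next"], bytes.fromhex(layer["data"])

def build_onion(keys: dict, target: str, request: bytes) -> bytes:
    """Client side: wrap the request exit layer first, entry layer last."""
    onion = seal(keys["exit"], target, request)
    onion = seal(keys["middle"], "exit", onion)
    return seal(keys["entry"], "middle", onion)

def relay(keys: dict, client_ip: str, onion: bytes) -> dict:
    """Pass the onion along the circuit, recording what each node learns."""
    views, prev, blob = {}, client_ip, onion
    for node in ("entry", "middle", "exit"):
        next_hop, blob = peel(keys[node], blob)
        views[node] = {"from": prev, "to": next_hop, "payload": blob}
        prev = node
    return views

# Constructed sample data: documentation IP address, example domain, fake request.
KEYS = {n: os.urandom(32) for n in ("entry", "middle", "exit")}
REQUEST = b"GET /login?user=alice HTTP/1.1"
VIEWS = relay(KEYS, "198.51.100.7", build_onion(KEYS, "example.com", REQUEST))

if __name__ == "__main__":
    for node, seen in VIEWS.items():
        readable = seen["payload"] == REQUEST
        print(f"{node:6} from={seen['from']:13} to={seen['to']:12} reads request: {readable}")
```

Only the exit node's row reports that the request is readable, which is why a plain HTTP request is exposed at the exit while the entry and intermediate nodes hold only ciphertext.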
Tor advantages and disadvantages
Tor, too, has plenty of pluses and minuses.
The Tor network does not guarantee complete security, since the transmitted data is decrypted at the exit from the network and, if the unsecured HTTP protocol is used, it can be read immediately. This is why it is important to always use the secure HTTPS data transfer protocol.
But the main security problem is the existence of fake Tor network nodes, that is, those that are created by hackers or special services to steal user data and spy on citizens. Such nodes are also called compromised. For a successful attack, an attacker only needs to control the input and output nodes of the network. All information passing through compromised nodes can be intercepted and decrypted (which has already happened repeatedly). To reduce the risk of data interception, the Tor browser changes its entry node every few minutes.
Anonymity and confidentiality
In the Tor network, the user’s own IP address is replaced with the IP address of the exit node. Multi-layered encryption and a random selection of Tor network nodes ensure the highest possible level of anonymity and confidentiality (provided that no traffic passes through compromised nodes).
The data transfer speed in the Tor network is extremely slow. And this is not surprising – after all, the data passes through at least three servers (“nodes”), undergoing complex manipulations at every stage. And since the Tor network was created and maintained mainly by enthusiastic volunteers, many of its nodes are located on slow and outdated servers. All of these factors negatively affect the speed of data transfer in Tor networks, making it impossible to watch streaming video and extremely slowing down the download of files from torrents. In general, enthusiasts who create and maintain Tor nodes are extremely negative about the very idea of downloading large files through the Tor network. It is no coincidence that an appeal to users is posted on the official website of the Tor project: “Please do not Torrent over Tor”.
Supported Operating Systems and Devices
Tor browser versions exist for almost all popular operating systems. You can find and download the browser suitable for your operating system on the website Torproject.org. The iOS version of the Tor browser is called Onion Browser. Apps for iOS are allowed to be downloaded and installed only from the App Store, so you can find the Tor browser for iOS only here: Onion Browser.
Installation and configuration
The Tor browser is as easy to install and run as any other application, but fine-tuning this program to obtain the maximum level of protection requires special knowledge.
Since the exit node on which the user’s “visible” IP address depends is randomly selected, there is no normal way to select a specific geolocation in the Tor browser. In the hidden settings of the Tor browser, you can specify the country where the exit node is located, but this does not always lead to the desired result. In addition, the Tor developers strongly discourage doing this, since such a change in settings jeopardizes anonymity.
VPN vs Tor – head-to-head comparison
| Criterion | VPN | Tor |
|---|---|---|
| Resistance to blocking by government agencies | Knowing the IP addresses of VPN servers, the government of any country can block the operation of any VPN provider on its territory. | Tor is a distributed network with independent nodes. Blocking Tor completely is very difficult, almost impossible. |
| Geolocation selection | It is very easy to select a new geolocation in the VPN client, literally with one click. It’s a little more complicated, but it’s still not difficult to change geolocation if the VPN is configured on a router or operating system. | There is no way to select a specific geolocation in the Tor browser. |
| Protection | The VPN client protects the entire computer or other device on which it is installed (if there are no leaks). | Tor only protects traffic going through the Tor browser. |
| Security | Security depends on the encryption protocol used. Strong cryptographic protocols provide 100% security in practice. | The security of data transmission when using the HTTP protocol is not guaranteed. In addition, there is some possibility that user traffic will reach compromised Tor nodes and be decrypted. |
| Data transfer speed | A quality (paid) VPN service has high or very high data transfer rates. Free VPN usually has unsatisfactory data transfer speeds. | Very low (by modern standards). |
| Price | A free VPN service is easy to find, but quality VPN services come at a low cost. | The Tor browser is completely free. |
Each of the two technologies – VPN and the Tor Onion Network – protects users’ privacy in their own way. VPN is effective in keeping data secure, while Tor focuses on anonymity when surfing the net.
However, nothing prevents you from combining these two technologies, that is, using the Tor browser in conjunction with a VPN. Of course, the data transfer rate is likely to drop to a minimum, but the anonymity, security, and confidentiality of the connection will be maximized.