VPN vs Tor – Comparing Two Technologies

Hello, my name is Nicholas Cuts. I am an employee of SwitcherryVPN company. In my new article, we will compare two popular technologies designed to ensure the safety, anonymity and privacy of ordinary network users – VPN and the Tor onion router. You will learn how VPN and Tor work, how they function, and what methods are used to protect user traffic from tracking. The article will detail the advantages and disadvantages of each technology, and direct comparison using examples taken from everyday practice will help you determine when and in what cases it is better to apply each of the two technologies.

The Internet has not been a secure environment since its inception. An army of thousands of hackers is hunting for confidential data of network users 24 hours a day, 7 days a week. Attackers are interested in literally everything – from your bank account and card numbers to any information that can be used for blackmail. The governments of some countries, in which censorship and total supervision of citizens are legally enshrined, are not lagging behind criminals. Even in those countries that are generally considered “free and democratic”, the government obliges Internet service providers to track and record in a log (which is kept for up to six months) of their customers’ online activities.

All this means that public authorities of any country, in spite of statements about privacy, can legally access the most confidential data of Internet users if they wish. Against the backdrop of continuous attacks on privacy, both by criminals and representatives of government agencies, ordinary users are faced with an urgent question: how to protect themselves from total surveillance on the Internet? Those people who already know about the existence of technologies designed to ensure the anonymity and privacy of Internet users, put the question more specifically: which to choose, Tor or VPN? What will protect your privacy better? Which technology should you choose? You will receive comprehensive answers to these and other questions related to the main topic in this article.

Privacy while working on the Internet is very important
Privacy while working on the Internet is very important

What is VPN and why is it secure

VPN – “Virtual Private Network” – is one of the most advanced technologies for secure data transmission. “Virtual” here means that a secure VPN-network is created on the basis of an existing, “real” insecure network, in our case, the Internet, and “Private”, that the data transmitted in VPN-networks becomes inaccessible to outsiders. VPN-networks are deployed by various enterprises and organizations, both for their own needs and for servicing private and corporate clients. Companies that provide VPN services are called VPN providers. VPN works as follows: A VPN provider deploys a network of servers with special software installed, which is called a “VPN server”. Clients of the VPN provider, in turn, install programs or applications on their devices, called “VPN client”. When a VPN client connects to a VPN server, a so-called “tunnel” is created between them – a secure, secure connection.

Since the VPN is created on an open network, all traffic passing through the VPN tunnel can still be intercepted by any attacker. Also, of course, the ISP also has full access to the data transmitted through the VPN tunnel, since the traffic coming from the client’s device cannot physically bypass the ISP’s server. But neither the hackers nor the ISP are able to determine what kind of data goes through the VPN tunnel, since all information passing between the VPN client and the VPN server is encrypted. The security of the VPN tunnel is determined by the cryptographic protocol used. Some protocols are considered obsolete and weak (eg PPTP) and are best not used. Others, like IPSec and OpenVPN, are strong. VPN tunnels created using weak cryptographic protocols.

An important feature of a VPN connection is the substitution of the user’s own IP address with the IP address of the VPN provider’s server. When a user goes online without taking any precautions, his IP address is “visible” to all Internet resources that he visits, and when downloading files from torrents, the user’s own IP address is “visible” to absolutely all participants in the torrent network. Naturally, the ISP also “sees” and records in its logs which sites the user visits, which files they download, whether they use a torrent, etc.

The VPN tunnel reliably ensures the anonymity of the user: for all Internet resources only the IP address of the VPN server will be “visible”, and the Internet provider will only know about the user’s visit to the VPN provider’s server, all the user’s real network activity will be completely hidden from him.
VPN Scheme
VPN Scheme

VPN advantages and disadvantages

When describing the advantages and disadvantages of VPNs, keep in mind that the quality of VPN services varies greatly from company to company. Consider the privacy policy of the VPN provider, the encryption protocols used, whether the VPN provider has modern, powerful servers, etc.

Security

As stated above, security depends on the encryption protocol used. The more reliable the cryptographic protocol, the higher the resistance of the VPN tunnel to hacker attacks and hacking attempts. Weak encryption protocols are easy to break, so the connection created on their basis is insecure.

Another risk factor is VPN client and VPN server failures. If the VPN client crashes or there is a problem on the server side, Internet traffic will flow past the VPN tunnel, nullifying the security of the connection. Therefore, all good VPN clients should have a built-in Kill Switch that blocks the Internet connection in the event of any software failure, both on the client side and on the server side. I wrote about checking my VPN for security here.

Anonymity and confidentiality

Anonymity is completely dependent on the privacy policy of the VPN provider. Almost all VPN providers claim that they do not track their users’ activities, do not keep logs, and do not share their customer data with third parties. In fact, this is far from the case. For example, you should never trust companies that provide VPN services for free. Most likely, they collect information about their users, which they then sell to advertisers.

Also, the privacy policy depends on which country the VPN provider company is registered in. In many states, companies providing any Internet communication services are required to keep logs, which record all the activity of customers on the network, and provide information from these logs to employees of special services, law enforcement agencies and other government agencies. This applies not only to those countries where governments restrict the rights and freedoms of citizens, but also to those that are considered the most free and democratic, such as the United States and Great Britain. That is, if a VPN provider company is registered in the United States and its headquarters are located in the United States, then all data about its customers is available to employees of the CIA, NSA, FBI and many other government organizations.

Free VPN does not always provide full and anonymous access to the necessary resources
Free VPN does not always provide full and anonymous access to the necessary resources

Baud rate

Since redirecting traffic through the VPN server and encrypting it takes additional time, the Internet speed for VPN users will decrease to some extent. This factor directly depends on whether the VPN provider has modern powerful high-speed servers and the total number of these servers. In other words, if two companies have the same number of users, then the one that has more active servers will provide a higher data transfer rate to its customers. The best VPN providers have thousands of high-speed servers, so the Internet speed drops only slightly for their customers. Companies that provide VPN services for free, as a rule, have few servers, and there are quite a large number of users, which is why their data transfer speed drops dramatically. How to check the speed of your VPN, you can learn from this article.

Supported Operating Systems and Devices

VPN is out of competition here. VPN apps exist for all popular operating systems and most devices.

Selecting and changing geolocation

To change geolocation, the user needs to change the VPN server. The best VPN providers have servers in almost every country in the world. If you are using a VPN client to connect to the VPN, you can select a new VPN server for geolocation with one click. If the VPN connection is configured directly in the operating system or on the router, then you will have to contact the VPN provider to get the data to connect to another VPN server located in the desired geographic area.

Installation and configuration

Installing a VPN client is no different than installing any other program. Once installed and launched, the VPN client is fully operational. It is somewhat more difficult to set up a VPN directly in the Operating System or on a router. But, following the step-by-step instructions, an ordinary user can easily set up a VPN on his computer, phone, tablet or router on his own. To use a VPN is also very simple, the main thing is not to make common mistakes.

Instructions in the articles Install and configure VPN on iPhone and iPad, VPN for home – why you need it and how to use it, How to Install and Configure a VPN on a Router.

What is and how does the Tor onion router work

Tor is arguably the most advanced technology for anonymizing Internet users. The Onion Routing principle was invented by one of the US Navy laboratories. Tor is currently being developed primarily by enthusiastic volunteers, but the Department of Defense and the US Department of State are still funding the project.

Tor browser
Tor browser

The onion network consists of several thousand servers – “nodes”. The word “bulbous” means that traffic passing through the network, as it were, passes through several layers of multilayered protection. Ordinary users get access to the onion network using the free Tor browser.

Before sending data to the Tor network, the Tor browser encrypts it three times using three different keys. The data passes through at least three randomly selected nodes in the Tor network. Each of these nodes receives its own decryption key, so that the data is completely decrypted at the output. In addition, a secure TLS data transfer protocol is used between the Tor browser and the entry node. That is, the traffic between the Tor browser and the entrance node of the Tor network will be encrypted in any case, even if the target site uses the insecure HTTP data transfer protocol.

Traffic going in the opposite direction (from the target site to the Tor browser) undergoes the same transformations, that is, it is encrypted three times at the entrance node of the Tor network and finally decrypted by the Tor browser on the user’s device.

The main advantage of Tor’s multilayer onion routing is complete anonymity at every layer. Thus, the input node knows only the IP addresses of the user and the intermediate node, the name of the target site and the IP address of the output node is unknown to it, the intermediate node only knows the IP addresses of the input and output nodes, and the output node only knows the IP address of the intermediate node and the name of the target. site.

The most vulnerable point of the Tor network is the exit nodes, from where your data goes to the Internet unencrypted. Therefore, to avoid leakage of confidential information, use only secure HTTPS data transfer protocol.

Tor advantages and disadvantages

Pluses and minuses here, too, enough.

Security

The Tor network does not guarantee complete security, since the transmitted data is decrypted at the exit from the network and, if the unsecured HTTP protocol is used, it can be read immediately. This is why it is important to always use the secure HTTPS data transfer protocol.

Tor does not provide complete data security
Tor does not provide complete data security

But the main security problem is the existence of fake Tor network nodes, that is, those that are created by hackers or special services to steal user data and spy on citizens. Such nodes are also called compromised. For a successful attack, an attacker only needs to control the input and output nodes of the network. All information passing through compromised nodes can be intercepted and decrypted (which has already happened repeatedly). To reduce the risk of data interception, the Tor browser changes its entry node every few minutes.

Anonymity and confidentiality

In the Tor network, the user’s own IP address is replaced with the IP address of the exit node. Multi-layered encryption and a random selection of Tor network nodes ensure the highest possible level of anonymity and confidentiality (provided that no traffic passes through compromised nodes).

Baud rate

The data transfer speed in the Tor network is extremely slow. And this is not surprising – after all, the data passes through at least three servers (“nodes”), undergoing complex manipulations at every stage. And since the Tor network was created and maintained mainly by enthusiastic volunteers, many of its nodes are located on slow and outdated servers. All of these factors negatively affect the speed of data transfer in Tor networks, making it impossible to watch streaming video and extremely slowing down the download of files from torrents. In general, enthusiasts who create and maintain Tor nodes are extremely negative about the very idea of ​​downloading large files through the Tor network. It is no coincidence that an appeal to users is posted on the official website of the Tor project: “Please do not Torrent over Tor”.

Supported Operating Systems and Devices

Tor browser versions exist for almost all popular operating systems. You can find and download the browser suitable for your operating system on the websiteTorproject.org… The iOS version of the Tor browser is called Onion Browser. Apps for iOS are allowed to be downloaded and installed only from the App Store, so you can find the Tor browser for iOS only here:Onion browser

Installation and configuration

The Tor browser is as easy to install and run as any other application, but fine-tuning this program to obtain the maximum level of protection requires special knowledge.

Geolocation selection

Since the exit node on which the user’s “visible” IP address depends is randomly selected, there is no normal way to select a specific geolocation in the Tor browser. In the hidden settings of the Tor browser, you can specify the country where the exit node is located, but this does not always lead to the desired result. In addition, the Tor developers strongly discourage doing this, since such a change in settings jeopardizes anonymity.

VPN vs Tor – head-to-head comparison

VPN Tor
Resistance to blocking by government agencies. Knowing the IP addresses of VPN servers, the government of any country can block the operation of any VPN provider on its territory. Tor is a distributed network with independent nodes. Blocking Tor completely is very difficult, almost impossible.
Geolocation selection It is very easy to select a new geolocation in the VPN client, literally with one click. It’s a little more complicated, but it’s still not difficult to change geolocation if the VPN is configured on a router or operating system. There is no way to select a specific geolocation in the Tor browser.
Protection The VPN client protects the entire computer or other device on which it is installed (if there are no leaks). Tor only protects traffic going through the Tor browser.
Anonymity Anonymity depends on the privacy policy of the VPN provider. Almost 100% anonymity is guaranteed. In Tor, it is impossible to track user actions on the Internet, in principle, thanks to the internal structure of the Tor network.
Security Security depends on the encryption protocol used. Strong cryptographic protocols provide 100% security in practice. The security of data transmission when using the HTTP protocol is not guaranteed. In addition, there is some possibility that user traffic will reach compromised Tor nodes and be decrypted.
Baud rate A quality (paid) VPN service has high or very high data transfer rates. Free VPN usually has unsatisfactory data transfer speeds. Very low (by modern standards).
Price A free VPN service is easy to find, but quality VPN services come at a low cost. The Tor browser is completely free.

Сonclusions

Each of the two technologies – VPN and the Tor Onion Network – protects users’ privacy in their own way. VPN is effective in keeping data secure, while Tor focuses on anonymity when surfing the net.

However, no one bothers you to combine these two technologies, that is, use the Tor browser in conjunction with a VPN. Of course, the data transfer rate is likely to drop to a minimum, but the anonymity, security, and confidentiality of the connection will be maximized.

FAQ

1. I want to download files from torrents using Tor. What software should I use?

1. I want to download files from torrents using Tor. What software should I use?

The easiest way is to use a torrent client Vuze which has built-in support for Tor.

2. Which is better to use with online browser games - VPN or Tor browser?

2. Which is better to use with online browser games - VPN or Tor browser?

In online games, latency (Ping) and data transfer rates are critical. A high-quality VPN service almost does not reduce the Internet speed and has little effect on the latency time, while in the Tor browser, the Internet speed drops sharply and the latency time increases many times. Therefore, the best solution is to use VPN + regular browser.

3. Is it safe to access network services with a Tor browser?

3. Is it safe to access network services with a Tor browser?

If the website of the network service uses a secure HTTPS connection, then it is safe, but it is better not to do this, since many Internet services (social networks, online banks and shops, postal services, etc.) block traffic originating from the Tor network. To secure your traffic and unblock the service, it’s best to use the services of a good VPN provider.

Author: Nicolas Cuts

Product Managers at SwitcherryVPN. Have 5 years background in management and marketing. I never stop learning!

Leave a Reply

Your email address will not be published. Required fields are marked *