View Full Version : Tor or VPN? What's best and how are they different?

I'm new to computers and interested in keeping my searches and internet use to myself. I've heard about Tor and VPN but don't really understand how they differ.

If you use a VPN do you still search via your normal browser (say Google or Firefox) and can your ISP not still see what searches you are making anyway or is the whole thing encrypted?

How does Tor differ from a VPN? Would using a VPN make banking and investing on line safer?

Finally I am interested in anonymous browsing out of bloody mindedness in that I object to the state interfering and poking its nose into other peoples' business on principle especially after the disclosures of Edward Snowden and how they seem to want to spy on even us honest citizens. (rant over)

Any advice most welcome. Thanks.

I pretty much have the same questions regarding the difference and would invite any expert opinion on the subject as well.

Its intriguing

You can search and use the regular internet in just the same way as you normnally would in any other browser whilst using tor and most VPNs. tor comes with a firefox based browser included, so the experience of using tor is much like using normal firefox. VPN systems are designed so your computer can connect to them along a secure link and use this as a tunnel out to the wider internet, they should be compatible with any browser. Websites will usually work fine in these tor or through a VPN hwoever if you want to use flash based or toher plugin based content on the website then you won't be able to do this. This is because if you need to stay anonymous then there are risks that plugins being run might not always connect from your machine trhough tor/the VPN and then to the site you are visiting but might instead connect directly from you to the site. If a plugin did this it would undo everything that tor or a VPN is doing for you, so tor ( and some VPNs probably) will not let you install plugins into the browser.

If you use either tor or a VPn your ISP cannot see what you are doing, all the ISP will know is that you have got an encrypted connection to a tor node or a VPN server, they won't know what you are doing through this so won't be able to see the sites you visit and data you might enter into them. Tor specifically sets up a link from you to a random tor node, then randomly around amongst internal tor nodes, then out from a random* tor node. * You can however set this one to a particular country you want to appear to be browsing from as far as the sites you visit are concerned. The link from you to the first node is encrypted by a secure https like system (any man-in-the-middle snoopers, be they ISP, governements, individuals on the same wi-fi network as you... can only see you have connected to tor and approximately how many megabytes are passing through, they can't see what those megabytes contain data wise), then the internal node links are encrypted, the node out of tor and onto the wider internet is enerypted if you are visiting an https site, but un-encrypted if you are browsing an http site. The encryption is designed such that it should be impossible for any single node within the tor network that you data passes through to decrypt it. VPNs are a bit different in that you connect by secure connection to a VPN server then it goes straight to the wider internet from the VPn server, so you have a faster connection, but lose the extra privacy of those multiple steps within the tor network. VPNs might sometimes keep logs of activity, tor does not.

Tor, or a VPN will not generally make logging into secure sites like banks or emails any more secure, those things should be secure anyway, the most that a man-in-the-middle snooper should be able to tell about this sort of traffic is that you are visiting those sites, not what private data you are sneding and receiving from them. Ordinarily when you log into a secure website you will already have an https tunnel from you to it, snoopers could tell you were connected to your bank/email but couldn't see what was in the traffic. If you connect to these sort of things through tor or a VPN then you have a secure link to the VPN/tor entry node, some secure links within tor (or no internal links in a VPN), then a secure link from tor/the VPn to the site you are visiting. If the VPN's owner can be utterly trusted, or if tor is as secure as it generally is thought to be then you would be in exactly the same security situation as with a direct connection, if the VPN isn't run by someone trustworthy they could snoop on the passing data which would have stayed private had you used a normal direct connection.

Although there are some special circumstances involving wi-fi systems, tor or a VPN doesn't usually make the content you pass to an https website, or the content it sends back, any more secure. What tor or a VPN can do though is allow you to browse anonymously, if you don't want your ISP to see which sites you visit, or allow you to visit sites which are either blocked in your local area (by someone like your ISP between you and the wider internet), or allow you to visit sites which wouldn't usually show content to viewers coming from the region you are in, but will show content if they think you are elsewhere on the globe.

You should never use public wi-fi to access private things like banks or main email accounts, only ever do this from secure home connections.

The tor website provides some fairly detailed yet still easy to understand explanations about all matters relating to tor, for VPNs the principles of how they work are similar but things will vary with provider. most VPNs are paid for, tor is free.

If I understand correctly, having plugins like flash installed on the browser and for instance by visiting any site, as soon as one allow flash to activate, say for streaming a content, that would defeat the purpose of having a VPN or Tor browser, or any other strict browser privacy settings for that matter, if the goal one wish tho accomplish is absolute privacy and anonymity.
Would it be the same case for other extensions like WOT, uBlock etc?


That's a very detailed and helpful response thank you.

You have explained it very well and if I understand properly Tor is probably as good as using a VPN for most purposes.

One thing that puzzles me a little I thought from what little I had read that you could watch video or whatever from sites
located in another country - for example people wanting to watch BBC iplayer who are not in the UK and some movie
sites in the US not available in other countries but if flash doesn't work how can that be? Am I missing the point here?

If flash is enabled, however, it would make your traffic visible to your ISP or anyone else presumably which is defeating the object
of using Tor or a VPN if I understand you correctly?

The bit about banking is interesting I don't use internet banking as I don't trust the free anti virus software I use to protect
me and wondered if Tor would make the transaction safer - not so it seems. Shame!!

Puzzled about the flash/video bit but very grateful for your time and trouble in responding.

Best wishes.