NordVPN Review - Combining TOR with a VPN
Being based in Panama (so No Logs) has two commercial advantages. On one hand, there is a classic VPN with generalist aspects and on the other, a more technical side (DoubleVPN and TOR over VPN) more secure and anonymous (with No Logs and Bitcoin).
The classic side includes:
20 countries: Australia , Austria , Brasil , Canada , France , Germany , Hong Kong , Italy , Lithuania , Netherlands , Poland , Romania , Russia , Singapore , South Africa , Spain , Sweden , Switzerland , UK , USA
Bitcoin as a payment method - Best VPNs that accept Bitcoin
An OpenVPN connection programme that is simple to use, with extra options like IP Guard (Process kill list) and DNS Leak Protection. (NordVPN replaces the DNS of your ISP with some from Google so that your ISP will not be able to view your searches.)
Proxy on each server with Port 80 (+ Free Proxy List) as well as PPTP, L2TP and OpenVPN.
No Logs because NordVPN (run by Tefincom ca S.A.) is situated in Panama, a country without laws concerning data retention.
But our favourite aspect of NordVPN was its TOR over VPN option
What is the TOR Network ?
A beginner's guide to the privacy tool: An acronym standing for The Onion Router, TOR is a decentralised computer network that allows you to dissimulate the origin of your internet connection thanks to a system of « onion layers of routing ». This means passing the communication across an encrypted circuit composed of several computer up to the final destination, offering a high level of anonymity.
TOR does 3 things:
Protects the analysis of traffic
Lets you surf the internet anonymously and securely.
It also allows access to a very controversial part of the internet. Apart from surfing securely and anonymously on the traditional and classic network (clearweb), Tor also proposes a selection of hidden services (deepweb) for its users, sites with addresses with the suffix “.onion” which are only accessible through Tor.
Alternative search engines that reference « hidden-services »and help you find sites with the famous .onion addresses
Anyone can use it for free. You just need to install and launch the programme TBB, Tor Browser Bundle, to start “anonymously” surfing the internet.
Initially the programme connects your system to the Tor network. Once the connection is established with Tor, the Tor browser will automatically launch a modified and configured Firefox.
To manually verify, if you are connected to the Tor network or not, use the site https://check.torproject.org/
You can get a better idea of the size of TOR and get to know more about the IP (relay) that is attributed to you (an IP that changes at regular intervals) with https://atlas.torproject.org/.
In fact, the number of relays is an essential point: this is what gives the network its power. More relays, more pathways available on the network, more security. More relays also means more bandwidth so a faster a less saturated network. In this spirit, RSF and Torservers.net linked up to create and maintain 250 supplementary servers at the heart of the Tor network.
If the programme itself is free, the total number of servers that transmit information has a high cost ($2 million/year for developing the project and funding the servers). So the project members often launch appeals for funding, asking for monetary contributions from its users. Financing also comes from large donations, some from the American government who fund 60% in order to support freedom of expression and scientific research.
Tor Browser offers a robust solution for the protection of your private life, based on:
- A method of routing in charge of making connections anonymous. In effect, the Tor client chooses from the many Tor relays, a random path before arriving at the destination server. The Tor client is creating an international circuit. The packet is routed across several relays, which makes the connection source difficult to identify. Each of the Tor nodes used by a packet transmitting it across the network only knows the previous and following node. Each relay cannot know the full journey of all the information sent by the user.
- Encrypting communication. Tor encrypts everything within the network using public and private keys. In fact everything is encrypted up to the exit node which will decrypt the messages and send them to the destination server unencrypted (this is why you should use TOR in HTTPS).
But TOR has some limits:
- Tor can protect the origin of your traffic and encrypt everything within the Tor network, but it can't encrypt your traffic between Tor and its final destination. If you are sending sensitive information, you need to use the same precautions you would on the internet – use HTTPS.
- Don't open any downloaded files when you are connected.
- Tor cannot guarantee protection of UDP packets.
Both VPN and Tor can be used to bypass internet censorship and to protect your privacy. Now we need to ask ourselves if one or the other is a better service. Even if they can be used together rather than separately.
Both Tor and VPN have their advantages and disadvantages.
- High level of anonymity – users of the network are very hard to identify. Instead of using a direct path from source to destination, the packets follow a random trajectory across many servers which cannot be tracked. Traceability of connections is extremely difficult since it ricochets several times before arriving at the final server.
- Simplicity – you just need to download the package, extract the archive and start Tor. It is very well secured and includes an optimised version of Firefox pre-configured by the Tor project.
- Slow – because Tor has to encrypt everything (every node on the circuit has its own secret key which can only identify the previous and following node within the circuit) between you and the Tor network, while at the same time the Tor client chooses amongst the multiple Tor relays, the random pathway before arriving at the destination server, this means that your connection speed is much slower than normal.
- The final « node » can assemble them all, so potentially (if it is a corrupted « node ») recuperate all the information stocked in the request (passwords, logins ...) or manipulate data before sending it on to the recipient. (N.B. This will not be a problem if you are using .onion sites.). For this reason a VPN like Proxy.Sh proposes to secure this weakness: Configure your TOR client bundle to use Proxy.sh as exit node
- .onion sites are often inaccessible or closed.
- Better security – it is better to choose a VPN since you are the one to choose it. As with TOR, VPNs also see your request in its unencrypted form but the main difference is that you know the service you connect to, you know if you can trust them or not.
- Anonymity? The eternal debate! Some people will tell you that TOR is more anonymous than VPN (encryption + routing). But we prefer VPN (assuming you use No Logs and respect a payment and registration method that is mostly anonymous).
- Protects the entirety of the network – all programmes supported.
- A good VPN service costs money (~$30-60/year), although it is not very expensive. There are also free VPN services, but those have ads
What about the complementarity of using both services at once? Do I need to use a VPN to connect to TOR or vice versa?
In fact the more important question is which service to use first to connect to the second. Using one or the other first will change everything and will provide different results.
Be careful – there is no point in connecting to TOR then to your VPN (or the other way around) to create a TOR over VPN route (or vice versa) if your VPN isn't configured specially. If your VPN doesn't offer a TOR option then you will create two parallel routes that are not unique!
The data flow would look like this. You -> Tor -> VPN -> Internet
AirVPN (AirVPN Review) recommends using both. This will increase your anonymity since your base IP comes from TOR. First you connect to TOR, then to VPN. So you are already protected by TOR's IP. Then you connect to the VPN and carry on as normal. TOR serves to provide the original IP. So even your VPN does not know your IP from your ISP.
The data flow would look like this. You -> VPN -> TOR -> Internet
NordVPN recommends this solution::
Your ISP doesn't know that you are connected to TOR
Your VPN can't monitor your activity (though why would they?)
Access the TOR network
NordVPN offers a way in: connection to the Swedish VPN server then TOR. Choose the server TOR over VPN in the dropdown menu in your connection programme then launch your normal browser.
Check that you are really connected to TOR via https://check.torproject.org/