Starting VPN and then connecting to TOR question for clarification

[Weasel 16]

I was just reading this again and I am confused.  In the write up on TOR and VPN it says starting TOR and then connecting to VPN is a major security layer, yet it also states that TOR runs outside VPN and TOR can see my real IP address.  If TOR is compromised in the middle can they not then see my real IP address and track me since the VPN is not making me part of a large server base? 

 

Now the other way, start VPN and then TOR seems to me better, but I am a laymen and thus the question.  However, I would think that if TOR was compromised and they traced it back to the entry node I would want them to only see a static IP address with 200 users, as they have no way of knowing who is the TOR user and since AIRVPN doesn't log they can't tell them (or can they?).  So if in a week a cop shows up saying who was connected to your server at time Z using TOR shouldn't they be told that AIR has no logs and can't tell them?

 

One last thing, what does the last point mean, "you are not protected against malicious...", can they somehow follow me through TOR to the AIRVPN server and back to my computer even though AIRVPN encrypts my data (does using SSL make this more so )?

 

Features:

• Our servers can see your real IP address.
• Our servers can not see your traffic content, real origin and real destinations.
• The Tor entry-node will not see your real IP address, it will see the exit-IP address of the Air server you're connected to.
• Your are not protected against malicious Tor exit nodes if you send/receive unencrypted traffic to/from the final host you connect to.

Please note that, with the above setup, if you connect to our web site with a Tor configured browser, our web server will see your Tor exit node IP address, so the site will display a red bottom box, as if you were not connected to an Air server.

[Weasel 16]

I found this site:  https://www.comparitech.com/blog/vpn-privacy/ultimate-guide-to-tor/ and they state

 

"In the second setup, VPN over Tor, your ISP sees that you’re computer is communicating with a Tor entry node. The VPN server gets your login information from a Tor exit node, which can be considered personally identifiable information, thereby breaking Tor’s anonymity."

 

Meanwhile, starting VPN and then starting TOR it states:

 

"In the first setup, Tor over VPN, your ISP sees that you’re computer is sending and receiving encrypted information with a specific server, and that is all. The VPN server only sees that it is connected to a Tor entry node and that all of your surfing is being handled through that network. All of the websites on the other end of Tor do not see any personally identifiable information."

 

So is this article correct which means so am I, it is better than the TOR entry node be pointing at the VPN server?

[critter 0]

One last thing, what does the last point mean, "you are not protected against malicious...", can they somehow follow me through TOR to the AIRVPN server and back to my computer even though AIRVPN encrypts my data (does using SSL make this more so )?

 

Features:

• Our servers can see your real IP address.
• Our servers can not see your traffic content, real origin and real destinations.
• The Tor entry-node will not see your real IP address, it will see the exit-IP address of the Air server you're connected to.
• Your are not protected against malicious Tor exit nodes if you send/receive unencrypted traffic to/from the final host you connect to.

Please note that, with the above setup, if you connect to our web site with a Tor configured browser, our web server will see your Tor exit node IP address, so the site will display a red bottom box, as if you were not connected to an Air server.

I'm no expert but I believe this means anything you do through TOR can be traced back to you if, for example, you log into your regular personal facebook account or log into and send an email through your regular email provider. When using TOR you have to stay anonymous in your dealings with the clearnet (or darknet) or people in control of exit nodes can work out who you are. No point hiding your IP address and so on through VPN + TOR only to log into an account that states (potentially) your full name, D.O.B., country of residence etc etc. It would be like turning up to a masked ball in a hired car (hired in a strangers name, paid for with cash, driven by a stranger), with a full body disguise on only to rip off your face mask and announce your name as soon as you walk in the door.

 

If you want to use facebook anonymously for example, open AIRVPN, then go onto TOR. Set up a facebook account using a non traceable email address or throwaway non traceable phone number (pay in cash, don't register any real world details, don't allow geolocation, only use once etc etc) and ONLY ever access that facebook and email account through TOR. Ensure all register details like name and DOB are not traceable to you. If you access your 'anonymous' facebook/email account through the clearnet, then people in possession of an exit node you used can possibly find your clearnet details and thus find you.

 

Hope that helps a little and doesn't complicate matters. Apologies for being light on the technical details, I'm not a computer programmer, just an avid user.

 

 

 

I found this site:  https://www.comparitech.com/blog/vpn-privacy/ultimate-guide-to-tor/ and they state

 

"In the second setup, VPN over Tor, your ISP sees that you’re computer is communicating with a Tor entry node. The VPN server gets your login information from a Tor exit node, which can be considered personally identifiable information, thereby breaking Tor’s anonymity."

 

Meanwhile, starting VPN and then starting TOR it states:

 

"In the first setup, Tor over VPN, your ISP sees that you’re computer is sending and receiving encrypted information with a specific server, and that is all. The VPN server only sees that it is connected to a Tor entry node and that all of your surfing is being handled through that network. All of the websites on the other end of Tor do not see any personally identifiable information."

 

So is this article correct which means so am I, it is better than the TOR entry node be pointing at the VPN server?

I would use a VPN and then access TOR. Otherwise you are signing into your VPN account which potentially has your name, payment details, real IP address, ISP which makes using TOR pointless.

 

To be strict, you must never use TOR to link you to anything that can identify you, and encrypt everything that you can.

[Weasel 16]

Hi;  thanks for the response and effort, I guess that makes sense and falls under sending personal data about yourself while connected to TOR like, as you said, logging into your FB account for instance.

 

I don't get this part "I would use a VPN and then access TOR. Otherwise you are signing into your VPN account which potentially has your name, payment details, real IP address, ISP which makes using TOR pointless." why would it make it useless?  IF(?) the VPN doesn't track or log you, as stated in TOS, then what does it matter?  Mr Law follows your TOR back to entry node which is a vpn server with 200 other people on it, by the time they get a court order for the server all my information should be gone, according to TOS, 1 minute after log off so how can that be an issue?

 

This sort of stuff is what makes me question VPNs and their statements of "we don't log" and stuff but then say buy with bitcoin and a fake identity so we can't identify you so we can't help Mr Law.  Seems like double talk to me.  According to what I have read before they may have my name, CC number and address but so what, it isn't against the law to use a VPN, all they can say is yes he is a member and if their statements are fact, that is it.  I really wish that part would be cleared up in plain simple terms instead of their statement of "we have a secret way of tracking you, but we don't log".

[petran1420 0]

Trying to make sense of this as well. Trying to learn more about my internet habits and how to make them more private. 

 

I would use a VPN and then access TOR. Otherwise you are signing into your VPN account which potentially has your name, payment details, real IP address, ISP which makes using TOR pointless.

 

So would an example of this involve starting your VPN connection, and then afterwards browsing through the TOR browser? To me it sounds like if you access TOR first and have that node point to the VPN, it provides protection against the VPN (but the ISP can see you're using TOR) but if you access the VPN and then use TOR afterwards it provides protection against the ISP (but VPN knows your info now). Is it just a matter of who you trust less?

[Weasel 16]

This is my thought too, I would rather someone who cracked TOR see a VPN address with 100 users that is based on the moon then have it point to my IP.  I wish someone would clarify in plain terms because it really doesn't make sense to me, and I am not trying to be a dick but am trying to learn, that if you connect to TOR and then VPN and your IP can see you are connected to TOR, then Johnny Law would also be able to see your IP.  Is this not correct?

[Weasel 16]

Ok I FINALLY got this figured out through searching and I believe I understand it now.

 

Start TOR which sets up the nodes, then start AIRVPN.  AIRVPN through TOR settings looks for the exit NODE of TOR which will be the entry to AIRVPN, thus AIR only sees the IP from where TOR came from. 

 

Now this is what I was doing wrong:  You then start your normal browser which connects to the AIR server which is at the end of the chain from TOR to AIRVPN entry to VPN server.  You surf the web through your normal browser not TOR.  If anyone is watching a NODE on TOR they will only see the 256bit encrypted data coming back from AIRVPN.  If they follow the data from the site you are on they will first hit the VPN server with numerous users.  If they still follow you they will then hit the VPN entry server which shows an IP address of whatever TOR is.  Your packet when it leaves AIRVPN to start down the TOR relay is still encrypted by AIR and then encrypted again by each NODE until it finally reaches your computer. 

 

So if a NODE is compromised the spying party only sees an encrypted AIRVPN packet while they may be able to see the traffic from other users in plain.

 

If you just surfed through TOR in this configuration you are not utilizing AIRVPN at all.  BUT:  if you start AIRVPN and then start TOR then you can browse using TOR and still have AIRVPN encrypt the packets, but AIR can see who the packets are going too.

 

I think that is it, isn't it?

[Khariz 109]

Yes.  If you use the VPN through Tor option, you are partitioning your trust with AirVPN.  AirVPN sees you logged in as the final TorExitIP.  Then when you use your regular web browser, other sites only know that you are using AirVPN's IP and not that you are on Tor. So you deal with a lot less blocking BS than if you did VPN first, then Tor.  And tracing backward from your connection is indeed AirVPNIP-TorExit-TorHops-TorEntrance-RealIP.