The Privacy Tool Dilemma
If you've researched online privacy, you've almost certainly encountered two recurring recommendations: Tor and VPNs. Both route your traffic through intermediary servers and both hide your IP address from the sites you visit — but the similarities largely end there. They have fundamentally different architectures, threat models, and trade-offs. Choosing between them depends on what you're actually trying to protect against.
How a VPN Works
A Virtual Private Network (VPN) creates an encrypted tunnel between your device and a VPN server operated by a provider. All your internet traffic flows through this server, which means:
- Your ISP sees encrypted traffic going to a VPN server — not what you're doing online.
- Websites see the VPN server's IP address, not yours.
- The VPN provider itself can see your real IP address and, if they choose, your traffic.
What a VPN Protects Against
- ISP surveillance and traffic logging
- Network-level snooping (e.g., on public Wi-Fi)
- Geo-restrictions and censorship
- Basic IP-based tracking by websites
What a VPN Does NOT Protect Against
- A malicious or legally compelled VPN provider
- Browser fingerprinting or cookies
- Malware on your device
- Metadata analysis by sophisticated adversaries
How Tor Works
The Tor (The Onion Router) network routes your traffic through a series of three volunteer-run nodes — a guard node, a middle relay, and an exit node — each layer encrypting and re-encrypting traffic like layers of an onion. No single node knows both who you are and what you're accessing.
What Tor Protects Against
- ISP surveillance — your ISP only sees traffic going to a Tor guard node
- Website IP tracking — exit nodes' IPs are seen by websites, not yours
- VPN provider trust issues — no single entity has the full picture
- Provides access to
.onionhidden services
What Tor Does NOT Protect Against
- A compromised or malicious exit node (which can see unencrypted traffic if HTTPS isn't used)
- End-to-end correlation attacks by global adversaries monitoring traffic patterns
- Poor operational security on the user's end (logging in to accounts, JavaScript exploits)
- High latency — Tor is significantly slower than a VPN
Direct Comparison
| Feature | VPN | Tor |
|---|---|---|
| IP address hidden from websites | ✅ Yes | ✅ Yes |
| ISP can see your traffic | ❌ No | ❌ No |
| Single point of trust | ⚠️ VPN provider | ✅ None (distributed) |
| Speed | ✅ Fast | ⚠️ Slow |
| Access to .onion sites | ❌ No | ✅ Yes |
| Cost | ⚠️ Usually paid | ✅ Free |
| Best for | Everyday privacy | High-risk anonymity |
Can You Use Both Together?
Yes — and it can make sense in specific scenarios. Tor over VPN (connecting to Tor while on a VPN) hides the fact that you're using Tor from your ISP. VPN over Tor routes VPN traffic through Tor, hiding your real IP from the VPN provider. Both configurations add complexity and are only worthwhile if your threat model demands it.
Choosing the Right Tool
If your goal is general privacy from your ISP, avoiding geo-blocks, and protecting yourself on public Wi-Fi, a reputable, no-logs VPN is the practical choice. If you need strong anonymity — protecting your identity from powerful adversaries or accessing sensitive resources — Tor is the more appropriate tool, used carefully and with good operational security practices. Understand your threat model first, then choose your tools accordingly.