Virtual Private Networks (VPNs) and Tor
VPNs and Tor can help keep your Internet browsing safe and private.
A Virtual Private Network is a tool to help anonymize your Internet connection and secure your communications from being tampered with. There are many VPN providers on the Internet. Some of them are free services, others are paid, and a few more are do-it-yourself software projects that you can install on your own Internet server.
I have never used any of these VPNs personally, so I cannot vouch for them.
Many companies on the Internet offer VPN service for free. It may be tempting to use these, but they may be harmful to your security.
Keep in mind that it is possible for the VPN provider to see what you are doing. Some VPN providers insert their own ads or sell your traffic data. Famously, Facebook purchased a free VPN provider called Onavo. This allowed Facebook to observe Onavo users' traffic data, which Facebook used to estimate the marketshare of their competitors.
Many websites will ask you for location information or place small pieces of information called "cookies" in your browser which sometimes allow them to follow your path through the Internet. VPNs hide the origin of your network traffic, but VPNs alone do not fight all the ways you can be de-anonymized.
A VPN is a decent way to obscure the origin of your Internet traffic from the websites you visit, but your VPN provider always knows the origin of your Internet traffic, and they also have your billing information.
This means that when you use a VPN provider, you are implicitly trusting them with who you are--even if you do not think you have told them. The Tor network is a free and secure alternative to VPN providers that do a better job at hiding who you are. Read more below.
VPNs are great for obscuring to websites where you are connecting from. But one problem is that your VPN provider knows who you are and what traffic you are sending. If this is an unacceptable security risk, you can use the Tor network instead.
Tor is a computer network that encrypts routes your Internet connections through multiple servers--such that no server knows both where your connection is coming from and where it is going. This offers much higher anonymity than VPNs.
Tor is free to use. The Tor Project runs on people donating their money or computer network bandwidth. However, this means that Tor can be much slower than many VPNs. Because Tor capacity is granted on a volunteer basis, Tor is not appropriate for high-definition video streaming, BitTorrent usage, or running bulk email servers.
Tor is a low-level computer network that can route traffic from many different computer programs. However, those programs ma have high-level behaviors that can de-anonymize you.
The Tor Browser Bundle is a web browser designed to include all of the best practices involved in for using Tor. Use it when you want to browser the World Wide Web without leaking information.
Certain ISPs restrict or monitor access to the Tor network, making it difficult to connect. The entry and exit nodes are publicly-known on the Internet, which makes them easy to block.
To avoid restrictions or surveillance that your ISP may have placed on the official Tor network, you can connect to Tor through a bridge address.
Tor is largely a tool to anonymize your connection to the public Internet. But for additional security, many people run hidden services--websites and other servers that are only accessible from within Tor.
Tor Hidden Services have the following advantages:
When hosting a website on the regular Internet, it is possible for ISPs and law enforcement to determine the physical location of the website's servers. It is much harder to determine the location of a hidden service, which makes hidden services a great way to conduct business that must be hidden.
When you access the regular Internet through Tor, an exit node makes the connection between the Tor network and your destination on the Internet. Exit nodes can observe unencrypted connections from the Tor network to your destination on the regular Internet, but they do not know the origin of the connections.
When accessing a hidden service, your connection is is encrypted in a way that the exit node cannot observe the content of your communications.
Tor is vulnerable to a series of attacks, ranging from the theoretical to the practical. If your adversary is a powerful government, it is possible that control a significant number of the nodes on the Tor network and can use the information they collect to de-anonymize traffic.
Tor is commonly used by people to access child pornography, online marketplaces for drugs, or discussion forums for those that want to conduct illegal behavior.
Because of this, using Tor might earn you the attention of law enforcement, even if they are unable to decrypt your traffic. The FBI successfully identified Eldo Kim as being responsible for sending a bomb threat to Harvard University because of his usage of Tor. They likely couldn't decrypt his traffic, but using Tor put him at the top of the suspect list.
Do not use Tor to visit websites that contain child pornography, even by accident. Even given Tor's security features, downloading this type of content is a fast trip to prison. In the past, law enforcement have been able to use security vulnerabilities to attack and de-anonymize Tor users downloading child pornography. They may also be in control of child pornography sites, using them to deliver malware to de-anonymize visitors.