Hello all,

I was thinking about starting with a VPN Router (such as the ones made by GL-iNet) connected to a laptop, then opening the TOR browser on the host operating system. Then open Virtualbox, open the guest operating system, and start a second VPN, then do your web browsing.

Would this be a SIMPLE way to do online privacy? (I am not much of a techie). A public hotspot might reject a TOR node, so best to start the chain with a VPN, then open TOR, then use a second VPN after that to protect against a malicious TOR exit node. Is there a better way to do this?

Or would it be simpler and better to just use 3 chained VPNs? Thanks in advance.

Whoa. This makes no sense and is overkill for overkill sake.

Just use a solid system wide VPN + Tor or directly Tor.

You don’t say… but tracks given your question that I’m glad you’re asking to learn.

Why? Why do you think this makes you more safe or private? What are you even going for and why? This makes no sense, please don’t do this.

Make sure to read our knowledge base article on safely connecting to Tor.

A VPN→TOR Connection is enough for most cases. Adding an additional VPN connection after this just creates a permanent exit node which is tied to your identity.

Even if you are using a malicious Tor exit node (which is rare), you are much safer not logging into any confidential accounts tied to your real identity.

All you really need is a VPN router and Tails/Whonix/Qubes depending on your threat model. That’s it.

Thank you, KevPham. There are two VPNs, Mullvad VPN and IVPN, which assign you an account number when you open the account, You log in with that number - no email address needed. Does that make your VPN usage less identifiable?

Random account numbers for/by VPNs don’t have anything to do with your VPN usage less identifiable. Your VPN and how they made it (the tech behind it and how they implement it) is what matters more. Some people do in fact like that they don’t even require phone numbers but in my opinion, this doesn’t matter too much. You either way have to keep your login info private, safe, and secure.

My concern is with three-letter government agencies monitoring the TOR network. I thought that using VPNs instead of TOR might offer an improvement. Is that right?

If you’re looking to torrify your computer completely have a gander at NIPE, use it very often and it works nicely. nipe/ at main · htrgouvea/nipe · GitHub

Nothing comes from this. It is almost impossible to do. And I only say almost to not be absolute with anything but it’s practically/pragmatically impossible. This really should not be a worry. Even Snowden relies on Tor/Tor network. Can’t imagine your threat model being higher.

VPN is not Tor and vice versa. Each tool is meant to be used for the purpose it is designed for (even though Tor can used as a browser only VPN, technically). Please read up on the differences on the PG website and Techlore videos.

Thanks for the tip!

No problem…

You don’t say… but tracks given your question that I’m glad you’re asking to learn.

I appreciate the helpfulness, but not the snarkyness. We newbies are doing the best we can here.

I was being facetious. Not everything is meant to be taken negatively. If I disparaged you, I would not have even commented let alone answer your question. Relax.

Thank you., JG