Just a quickie clip and past post relating to:
What's the difference between VPN and TOR?
It all comes down to
trust really.
Often you don't know the guy/company
behind the VPN service.
Some of them have different
logging policies and, as you can read in the link above, they also would reveal the identity if asked in some cases.
So for political reasons (or otherwize) and normal webbrowsing where you want to be really secure and anonymous, TOR is a much better choice.
If speed of large file downloads or access to streaming (video/audio) with geographic restricted regions in the world is your cup of tea, then VPN is the way to go.
If speed of large file downloads or access to streaming (video/audio) with geographic restricted regions in the world is your cup of tea, then VPN is the way to go.
Like when you anonymously want to send large music files (if you are a musician), send videofiles (on film or videoprojects), torrent or watch tv in other countries.
Some large corporations have their own tunneling solutions, like Volvo for instance.
This is probably more secure (but there is always the "insider" risk for leak of information).
VPN
TOR
Can you see the difference?
Basically the main technical difference with TOR vs VPN is that with TOR you have a bunch of TOR users (connected to each others) from the entry point (Which is ALICE in the image above) to the exit point(the one that goes to (and from) BOB).
In VPN It's just into and out of the tunnel that encryption takes place (its secure enough for 99.9% of the time. IF you trust the VPN-provider, that is)
(There are also double vpn tunnels. A tunnel inside another tunnel. Or multiple ones. But that costs. And they are slower.)
When the information is sent from one computer to another in TOR it is encrypted every time it passes a computer,
The points where this happens are called "
nodes".
The users/computers in the relay can't "see"/know who the others are.
And they also don't know who you(Alice) are.
And, Bob (the website you visit) doesn't have a clue about who ALICE (and all nodes in between) is .
Trust isn't the problem here, since nothing is logged and no one even knows who the other is!
And every time you switch to a new website (from BOB to JANE in the example above) a new relay with a different set of TOR users is choosen(at random).
Since there is a lot of encryption and decryption going on for every computer in The (Onion) Network it makes the process really slow and more unreliable when it comes to speed (you may get lucky at times, but the speed can vary greatly).
The different bandwidths for the nodes that takes part of it also adds up to the access times.
Also some ISP;s are blocking some of the TOR nodes.
Relating to TOR...
Tor is free software for enabling anonymous communication. The name is derived from an acronym for the original software project name "The Onion Router". Tor directs Internet traffic through a free, worldwide, volunteer overlay network consisting of more than seven thousand relays to conceal a user's location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult to trace Internet activity to the user: this includes "visits to Web sites, online posts, instant messages, and other communication forms". The intent for Tor's use is to protect the personal privacy of its users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities from being monitored.
Tor does not prevent an online service from determining when it is being accessed through Tor. Tor protects a user's privacy, but does not hide the fact that someone is using Tor. Some websites restrict allowances through Tor. For example, the MediaWiki TorBlock extension automatically restricts edits made through Tor, although Wikipedia allows some limited editing in exceptional circumstances.
Onion routing is implemented by encryption in the application layer of a communication protocol stack, nested like the layers of an onion. Tor encrypts the data, including the next node destination IP address, multiple times and sends it through a virtual circuit comprising successive, random-selection Tor relays. Each relay decrypts a layer of encryption to reveal the next relay in the circuit to pass the remaining encrypted data on to it. The final relay decrypts the innermost layer of encryption and sends the original data to its destination without revealing or knowing the source IP address. Because the routing of the communication is partly concealed at every hop in the Tor circuit, this method eliminates any single point at which the communicating peers can be determined through network surveillance that relies upon knowing its source and destination.
An adversary may try to de-anonymize the user by some means. One way this may be achieved is by exploiting vulnerable software on the user's computer. The NSA had a technique that targets a vulnerability – which they codenamed "EgotisticalGiraffe" – in an outdated Firefox browser version at one time bundled with the Tor package and, in general, targets Tor users for close monitoring under its XKeyscore program. Attacks against Tor are an active area of academic research which is welcomed by the Tor Project itself. The bulk of the funding for Tor's development has come from the federal government of the United States, initially through the Office of Naval Research and DARPA.