The simplicity of it is logic defying. It used to be that you had to find crosswalks or move puzzle pieces or type blurred letters and numbers, but NOW all the sudden I can just click a box and HEY!, I’m human?
That’s hardly the Turing Test I’d expected.
There are two ways to layer a VPN and tor:
In the first option, you gain little. Tor already encrypts your traffic, so your ISP can’t see inside them. Technically, Tor over a VPN hides the fact that you’re using Tor from your ISP, but Tor’s snowflake does something similar if you need that.
In the second option, you’re revealing your VPN account information, which could theoretically be associated back to you. Tor adds nothing over just a VPN in this case.
So really, “no value in mixing,” which is distinct from “don’t mix.”
The latter implies a security risk could be created.
A security risk is created, you’re creating a permanent guard node by using your VPN with TOR. A lot of people downplay how serious this can be against a dedicated attacker. Sure, it may not matter for most, but for those with the right threat model, it will.
So VPN first then Tor is ill advised for this, or only the reverse? What is the potential attack in running Tor while on VPN?
The risk of mis-ordering your layers is a security issue.
If you’re using tour vpn at the system or network level, and tor at the browser level, is there a risk of mis-ordering?