Tor vs. VPN: What’s the Difference

Last updated: 27 February 2021

Tor and VPN offer you a certain amount of anonymity and protection on the Internet. But are they that safe? Let's compare these options and figure out what your priority is. This guide will help you learn about the details of online security.

What is a VPN?

VPN is a virtual private network. Usually, connections on such a network are called tunneled because the transmission of packets is encrypted between two points, forming a tunnel on the Internet. Companies use these networking solutions because they provide a high level of security at a low cost. An employee can remotely access resources in the company at any time, and no third party will be able to know what data is being sent.

Using a VPN is also very attractive for a home user because it allows you to access Internet resources securely and anonymously. This is extremely useful, for example, when we are forced to use open networks or public access points. With a normal connection, the network administrator and the ISP have access to our packages. Still, if we use the VPN connectivity, the traffic we generate will be encrypted, and we can, for example, use online banking safely and securely.

VPN types

We distinguish between two main types of VPNs.

Website - Website is an example of a corporate network expansion; it provides access between two remote local area networks connected through a public network. Among other things, they are used by the OpenVPN program.

Client - Website is a more advanced solution designed for working with remote servers.

Protocols and encryption

VPN protocols are communication protocols with specific rules and policies designed to establish communications between two points securely. Here are some popular VPN protocols.


If we are using this type of protocol, we should stop as soon as possible. It has several advantages, but its lack of security makes it completely useless, and Microsoft discourages its use. Unfortunately, it is still used by many companies and users today, unaware of the potential threat.


  • Fast work, simplicity does not affect the efficiency
  • Easy installation
  • Available on almost any device


  • Even a highly secure session can be interrupted within 24 hours
  • No strong encryption

This is a hybrid of two protocols. The only L2TP allows you to create a communication tunnel and transfer data. Security is the responsibility of the IPSec protocol, which is responsible for authenticating and encrypting the connection. It provided high security, but after disclosing information about the NSA by Edward Snowden, it can be assumed that the IPSec protocol does not provide such high protection and can be hacked by special services.


  • Speed of action
  • Strict regime
  • Widely available in various systems


  • There is a high risk of NSA violation of the IPSec protocol, which can pose a threat
  • It works on UDP port 500, making it easy to detect VPN usage; some ISPs and hotspots may block this port

Another hybrid of various protocols that provides the highest degree of security; no information suggests compromising his security. It uses the OpenSSL library and the SSLv3 and TLSv1 protocols. This allows for the best forms of connection encryption and session security. We can also connect through any port so that we will avoid detecting that we are using a VPN connection.


  • Open source
  • The highest level of security
  • Extensive configuration options


  • Requires the installation of a special application
  • Customization can be tricky
  • Novice users

OpenVPN is a valuable open source cross-platform software package for creating encrypted Internet connections between a host and a local computer. OpenVPN offers several methods for authenticating users: using keys, certificates, or username and password. The app also supports dynamic IP addresses. Its configuration is not the easiest, but we can enjoy a secure connection without unnecessary ads and queues when we go through it.

  • Complex setup
  • Frequently changing server passwords
  • Quite slow connection
  • No data transfer restrictions
What is the Tor network and how does it work

Tor is an anonymous network that, like other networks of this type, such as Freenet, GNUnet, or MUTE, is designed to protect our identity. The main purpose of using such networks is to bypass censorship tools, network filtering mechanisms, and various communication restrictions and regional blockades.

Bow Tracking

The Tor network is based on the principle of onion routing. The name of this mechanism comes from the fact that is using cryptography, all messages sent by a series of servers - onion routers that don't know what data they are sending - are encrypted in layered mode (hence the onion comparison). Anyone can support such a network by running a server on their computer that will serve it. Simple implementation, clear rules of work, and the possibility of almost disappearing from the Internet are the main reasons for Tor's success.

Can someone track you?

It is possible to track a Tor user and confirm outgoing and incoming communications with his computer in theory. However, managing the start and end nodes simultaneously requires enormous resources and technological capabilities critical to all communication. This is reported to be happening in the United States.

How it works in practice

Let's find out the basic principle of how Tor works.

Normal connection without Tor network

When we usually use the Internet and want to visit a website, we enter its address in our browser. It is recognized, and a request is made to access this website's server's IP address. Information about this request is also sent to our internet service provider and the time log (when the request came from which IP address and which target IP address it should reach). Thus, the data packets we send, even those containing passwords and other confidential data, are stored on our Internet providers' servers.

Connecting via Tor network

When using the Tor network, the entire request to access the site is encrypted and sent to the originating node. Our ISP only knows the time when the outgoing packet was generated from our address, but he cannot check the contents of such a packet and sees that his traffic ends at the first node.

Meanwhile, the packet's route is much longer and goes through a predetermined pseudo-random number (pseudo-random numbers have hidden patterns that are technically irrelevant) through several different types of nodes, which increases security and makes tracking difficult. Only the last node, the end node, receives the information to decrypt the packet and send it to the source server in the usual way.

The server can read the packet and only know the last node's access time and IP address, but not ours. Thanks to this, we are anonymous, because even the Internet provider cannot tell which pages we visit and what data we send or download from the network. The only thing it records is the access time and the amount of data transferred required for invoicing the customer.

Tor network etiquette

It is important to adhere to some basic rules to maintain optimal performance on onion routers provided by volunteers and maintained at their own expense. The use of etiquette is voluntary but important and stylish - it's a living principle online. These are its four most important principles.

  • Too much data transfer - Sending a large amount of data through the Tor network is poorly accepted because it can significantly affect the load on the entire network and slow down other users' work
  • Torrent Clients - Torrent protocols should not be used on the Tor network because they usually download illegal content and large amounts of data, creating too much traffic on the network. By default, the egress host policy blocks the standard torrent client ports
  • Spam - Spam routing is blocked by default on egress nodes on port 25. Routing spam from the Tor network is highly inappropriate
  • Special Treatment - Services and websites have the right to treat users identified as using Tor differently. This usually means reduced bandwidth or other restrictions

Tor Browser allows you to bypass regional blockades and censorship. And the ISP can only see what we were using the Internet and what server IP (first network point) we are connecting, but there is no information about the entire connection's progress. Tor is free, so its servers are limited, and the user pool is still growing, so browsing can be quite slow.