The Onion Router, or Tor, is a popular way of providingÂ Internet users with anonymity. It encapsulates data into several layers of encryption–hence the “onion” part of its name–and routes traffic through a complex array of peers, with each one only aware of only what it needs to keep the data moving.Â Some Tor users are asking themselves the question: Does my Internet Service Provider know I’m using Tor? It is a very good question as we’d all rather have our IPS not knowing we’reÂ using Tor. As we’ll see, there are a few reasons for that but the most basic can be summarized by this analogy: If I dress up as someone else, I’d rather have people see me as who I’m dressed up as than as someone who is dressed up.
Today, we begin our discussion by explainingÂ what Tor is, what it is used for and how it works. Although Tor is a quite complex system, we’ll try to explain it in terms anyone can understand. We’ll do ourÂ best to be detailed but not too technical.
Then, we’ll discuss the reasons why your ISP might be interested in knowing if you’re using TOR and whether or not they actually can. We’ll then talk about some alternatives that are available to hide your activity from your ISP or anyone who could intercept and analyze your traffic. We will see that Virtual Private Networks are great tools to provide anonymity and introduce you to three of the best VPN providers we know of.
What Is Tor?
Tor is a system for enabling anonymous communications on the Internet. Using it makes it more difficult to trace user activity to a specific user. It can hide visits to websites, online posts, instant messages and other forms of online communications. The intent of using Tor is to “protect the personal privacy of its users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities from being monitored”.
In a nutshell, Tor directs Internet traffic through a free worldwide volunteer-overlay network consisting of thousands of relaysÂ and conceals a user’s location and usage from anyone conducting network surveillance or traffic analysis. Tor is not meant to completely solve the issue of anonymity on the web nor is it designed to completely erase anyone’s tracks. Instead, it is designed to reduce the likelihood of sites tracing actions and data back to the user.
How Does Tor Work? (In Terms Anyone Can Understand)
Although Tor is a relatively complex system, we’ll try to explain its operation in simple terms. With a better understanding of Tor’s operating principles, one is better equipped to evaluate what degree of anonymity it can provide and the limitations it has.
When a Tor user wants to open a communication channel to a remote resource–a website, for example–the first step is to build a virtual route between the source and the destination. The Tor client (the software running on the user’s computer) has access to a list of Tor nodes and uses it to build a random circuit through several nodes. Their number and location dependÂ on the locations of the source and destination.
Each node in the virtual circuit only knows about the previous and the next nodes. Therefore, only the first node knows about the source and only the last one knows about the destination. If any node was compromised, it would be impossible to trace back the circuit.
Once the circuit is built, the client encapsulates the data and encrypts it once for every node of the virtual circuit. For example, if the virtual circuit has 3 nodes–it typically has much more than that–the data will be encrypted 3 times, first using the last node’s key, then using the middle node’s and finally using the first’s. It is this layer’s encrypting system that gave the Onion router its name what it was first developed.
Why Would My ISP Care If I Use Tor?
Simply because your Internet Service Provider cares about any and all of your online activities. There are several reasons for that. First and foremost, they want to ensure no one is violating their terms and conditions. Also, they need to offer a decent level of service to all their users so they must ensure that resources are sufficiently allocated where and when they are needed. Finally, they might also want to protect themselves from legal actions whenever one of their users breaks the law.
The specific issue with Tor is that it’s known to be used for all sorts of illegal actions such as software and media piracy and a slew of various criminal activities. This makes Internet Service Providers very wary about its use.
And when your ISP suspect a user may be violating their terms and conditions or breaking some local law, they can react in different ways. Some have been known to sent infringement notices. Others will throttle down the suspected user’s bandwidth. And even worse, some will bluntly interrupt the service.
Does My ISP Know I’m Using Tor?
To put it simply, your Internet Service Provider knows about everything you do. And that includes using Tor. Of course, given Tor’s anonymity features and strong encryption, they won’t know what you’re using Tor for but they’ll definitely know your using it.
And given Tor’s reputation as being used often for conducting illegal activities online, many ISPs will either block it completely of throttle it down to the point of making it unusable.
What Are My Options?
The very best advice we can give you is to refrain from conducting any illegal activity online. That being said, not all Tor users are criminals and your reasons for seeking anonymity can be perfectly legit and reasonable. But if your ISP has something against using Tor, you’ll need to turn to some other way of achieving the sought after privacy.
A Virtual Private Network is likely your best options when Tor won’t work with your ISP. They provide a similar–albeit very different–privacy and anonymity. They might not be as robust and hard to crack as Tor but VPNs do provide sufficient protection in most situations.
And the best thing about VPNs is that they are almost never blocked by Internet Service Providers (though exceptional cases do exist). They can’t be as they are often the primary mean telecommuting workers use to connect to their employer networks from their home.
How Do VPNs Work?
A Virtual Private Network–or VPN–establishes a virtual tunnel between a protected device running a VPN client application and a remote VPN server. All data in or out of the protected device is encrypted by the client application using strong algorithms before being sent through the tunnel to the VPN server. At the server end, data is decrypted and sent out to its destination on the Internet. Even though the data is decrypted and then sent on the Internet at the far end of the tunnel it is still untraceable to you or to your equipment. Once the data reaches its destination, it is seen as originating from the VPN server instead of from the originating device.
More importantly, if you’re concerned with privacy and anonymity, someone (your Internet Service Provider, government agencies or malicious users) trying to intercept your traffic and spy on you will always do it from your end. This is the segment that is encrypted when using a VPN. Anyone intercepting and examining your traffic would only see undecipherable data between you and a VPN server. They wouldnâ€™t know where youâ€™re going or what youâ€™re doing.
Advantages of using a VPN
There are several advantages to using a VPN besides the obvious privacy and anonymity factors. Two of the better-known a are bypassing access restrictions imposed by your service provider and bypassing geographic access limitations.
Bypassing Access Restrictions
There are numerous places that, while providing Internet access, restrict it somehow. It is common in academic institutions, office environments and many public WiFi hotspots. These restrictions can be a way of limiting bandwidth usage, reducing time wasted by employees and students, protecting copyright owners or just for enforcing ethics or morality.
These restrictions are usually implemented using systems that a VPN can easily bypass. It doesn’t always work, though. Since VPN usage has become more and more popular in recent years, many organizations are using systems that will block VPN traffic. Fortunately, VPN client software has gotten better and many VPN providersâ€™ client software have a stealth mode that will make traffic look like â€œnormalâ€ traffic, bypassing any VPN blocking. The best ones even do it with no user intervention.
Circumventing Geographic Limitations
Another major advantage of using VPNs–and it’s possibly the main reasons why people are using them nowadays–is to circumvent geographical restrictions.
Several websites or content providers on the Internet restrict access to users located in a specific geographical zone. Some do it because they have different local offerings in different regions. Others do it because they are only authorized by copyright owners to distribute content in specific regions.
These geographic limitations are enforced but denying or allowing connections base on their source IP address. An IP address is a number that uniquely identifies your computer on the Internet. As a side effect, your IP address can also reveal your approximate location.
As we indicated, when using a VPN, the destination resource sees your traffic as coming from the VPN server rather than your device and therefore, sees the server’s IP address. Bypassing geographic limitations is thus a simple matter of connecting to a VPN server in the appropriate location. Most providers let you do just that.
Selecting a VPN
There are several factors one should consider when choosing the best VPN provider for their needs. We’ve compiled a list of some of those we feel are the most important.
- Performance And Stability:Â A VPN adds some network overhead that could slow down the communication.Â There’s no way around that. To minimize this, you need fast VPN servers. You also want the service to be available when you need it. For that, you need a reliable supplier, one with stellar uptime.
- Strong Encryption Parameters:Â This is the most important factor for privacy. Encryption makes your data almost impossible to crack and will stop your ISP from snooping on you. The higher the encryption, the better your data is protected. Donâ€™t settle for anything below 128 bits but aim for 256 bits or more. Our Top providers all offer 256-bit encryption.
- Strict No-logging Policy:Â One of the most important features when it comes to safeguarding your privacy. If your VPN provider were hacked or were forced to reveal information about you or your online activities, youâ€™ll be protected if they donâ€™t have any.
- Location And Number Of Servers:Â To be able to bypass as many geographic restrictions as possible, you need a provider with servers in as many locations as possible.Â You also need a provider with many servers in each location. Servers donâ€™t have unlimited capacity and when they get too busy, they can slow down. More servers means less load on each and consequently, better performance
- Available Software For Your Platform:Â You don’t necessarily use a Windows computer. More and more users these days are using some form of mobile devices such as tablets, smartphones or TV boxes. You need to choose a VPN provider that has client software for any platform you’re using.
Our Top 3 VPN Providers
ExpressVPNÂ is best known for its strong encryption protocols, the speed of its servers, and its worldwide network of over 1,500 servers in 94 countries. No matter what you want to watch and what its geographical restrictions are, chances are there is a server in the right country.
The ExpressVPN service uses the OpenVPN protocol with 256-bit AES encryption and perfect forward secrecy by default. Furthermore, it uses 4,096-bit DHE-RSA keys that are protected by the SHA-512 algorithm.
Unfortunately, the provider only has a partial no-logging policy. They however admittedly only keep data aboutÂ the servers users connect to and the dates which they do. Your privacy appears to still be adequately protected. ExoressVPN’s Network Lock feature will block all internet traffic in the rare event that the connection should drop, ensuring that your data is not at risk.
The ExpressVPN subscription lets you connect from three devices simultaneously. There are desktop clients for Windows, MacOS, and Linux plus an Android app as well. To protect your whole house from a single point, you may also install the VPN software on a router. Despite the fact that the supplier doesn’t offer preconfigured routers, detailed instructions on how to set it up on more than dozen models of routers from various manufacturers are provided on ExpressVPN’s website.
IPVanish’sÂ main characteristic is its fast service that emphasizes both security and privacy. With its full no-logging policy, the provider keeps no data on usersâ€™ activities. Even its employees can’t see what youâ€™re doing or where youâ€™re going online.
By default, IPVanish uses the OpenVPN protocol with 256-bit encryption, a standard feature amongst most providers. The service boasts SHA512 authentication and DHE-RSA 2,048-bit key exchange with perfect forward secrecy. IPVanish also features it calls a â€œkill switchâ€ that will disconnect the network should the VPN disconnect unexpectedly.
With more than 950 servers across some 60 countries, chance are youâ€™ll be covered no matter what geo-blocked resource you’re trying to access. An IPVanish subscription allows up to five devices to connect simultaneously. IPVanish has client software for Windows and Macintosh computers and the provider also has detailed instructions on how to configure the service on Linux using the OpenVPN software. There are very good Android and iOS client apps. IPVanish provides detailed setup instructions for most well-known router brands and the company has partnerships with three suppliers offering routers with preinstalled IPVanish VPN software.
With 1300 servers in about 30 different countriesÂ CyberGhostÂ is impressive. And their reputation as a high-quality VPN provider is excellent.
Like most of its competitors, CyberGhost uses the OpenVPN protocol with 256-bit AES Encryption, 2048-bit keys and perfect secrecy.Â CyberGhost as a strict zero-logging policy (one of the best in the industry, in fact). The provider wonâ€™t even keep userâ€™s email addresses. CyberGhost chose to have all subscription purchases processed by resellers so the only personal information CyberGhost keeps about users is their usernames. Other important features of CyberGhost include an Internet kill switch that will automatically disconnect your network should the VPN connection go down and DNS and IP leak protection. On the client side, apps are available for Windows, MacOS, iOS and Android.
Tor is a great way to provide online anonymity. Unfortunately, its common use for conducting all sorts of doubtful–if not illegal–activities have made ISPs wary of its usage. Some of them will block it or take other, more drastic, measures when they detect it, which they can easily do.
A VPN, while it may not provide the same level of identity and usage obfuscation is less frowned at by Internet Service Providers while still providing more than adequate privacy protection in most situations. With many VPN providers to choose from, our list of important factors and our Top 3 list of the best providers should help you choose one that will be a good match for your needs.
Have you ever used the Tor network? If you had to choose one, would you rather go with Tor or a VPN? And if you’re a VPN user, who is your favourite provider and why? Use the comments below to share your experience.