Recently I read about a VPN company that objected to a customer that was downloading a large Torrent file. The actual Torrent ISO file was a 2Gb Linux Operating System installation which is a free open source operating system… far superior to all other paid alternatives
I’m confused concerning the benefits of using Tor vs VPN. Surely both the raw URL request and results must be available to the Internet Service Provider and also the VPN.
If on the off-chance you are using Tor and/or a VPN I’m curious to know why.
Nope. When using a VPN, your ISP sees you connect to a server owned by a VPN service. It might also know the time of your connection and the port your VPN protocol is using, as well as amount of traffic traveling to and from your device. They will definitely not see which URLs you are requesting.
Your VPN will see this info, which is why it is important to choose one with a verified no logs policy.
As for Tor, the way that works is that your traffic is sent through three random servers before reaching its destination on the public internet. Each server has no knowledge of the previous one, thus making the connection “anonymous”. Your ISP will see you disappear into the Tor network and, as above, some meta data about the connection, as well as the amount of traffic traveling to and from your device. They will definitely not see which URLs you are requesting.
If you use Tor over VPN, you shift this point of failure to your VPN provider.
We are actually publishing an article tomorrow entitled “What are VPNs and Why Do You Need One”. I’ll update this post with the URL once it is live.
not… strictly true. A Tor server knows where the data it received came from, in order to send the result it gets from the next server in the chain back to the originator.
The first hop in your Tor network knows who requested the data, and it knows which server it sent the request to next (because it’s waiting for a response); it knows nothing about any further hops through the network. The end server has no idea who sent the request (obviously barring any credentials, cookies, etc), because it comes out of a random Tor server, but it knows where the message was going.
The idea is that no node in the connection other than the originator knows the whole chain; the first node knows nothing about the third node or the destination; the third node knows nothing about the first node or the originator; the second node knows neither the destination or originator.
The idea is that data is encrypted before being sent; as such, only your computer and the server you’re sending it to would know what was being said.
In theory, could an ISP sniff the original key exchange, reverse engineer the encryption algorithm, and figure out what you were sending? Maybe. How much effort would it take to decrypt the idea that you went to Facebook 5 times in May? Far too much to be worthwhile.
I’m confused concerning the benefits of using Tor or a VPN for that if the download is entirely valid.
I am sure that Tor has benefits but I do not assume I can hide from the United States government using it. Tor was written by the United States Navy. We know that the United States and other governments will trick criminals into a false sense of security; the ANOM phones are strong evidence of that. So even if there is no known way for Tor communications to be surveilled by governments, I assume they can be.
BitTorrent protocol is a protocol for transferring files, as explained in BitTorrent.org » For Users. Configuration of it is done using files often called torrent files. The Tor browser and torrent files are so very different that I am surprised there is confusion about them.
I am not confused about why the BitTorrent protocol is used to download the files. I would be confused if someone thinks they need Tor or a VPN to do that.
I have no experience with Tor yet (because I’m kinda scared of what it can do, for it is a really powerful browser), but as for VPN, it really depends on the VPN you use. ExpressVPN and NordVPN are two of the best VPNs you can access, however don’t expect full protection or anonymity from them. I guess Tor would have little to no problem with this.