Comparisons
VPN vs Tor
VPNs and Tor both hide what you're doing from your internet provider. But they work differently, offer different protections, and suit different situations. Understanding the difference helps you choose the right tool, or understand why you might need neither.
The short version
A VPN moves trust from your ISP to the VPN company. Your ISP can't see your traffic, but the VPN can. A good VPN provider is designed to hold as little as possible.
Tor distributes trust across multiple servers so no single point can see both who you are and what you're accessing. No single server in the chain knows both pieces. It's slower and more restrictive, but the architecture is fundamentally different.
Side by side
| VPN | Tor | |
|---|---|---|
| Who can see your traffic | VPN company (encrypted internally) | No single server, distributed across 3+ relays |
| Who can see your IP | VPN server sees your real IP; destination sees VPN IP | Entry relay sees your IP; no relay knows destination |
| Speed | Close to normal | Significantly slower |
| Requires trust in a company | Yes, you trust the VPN provider | No company to trust |
| Cost | Typically €4–10/month | Free |
| ISP sees you using it | Yes (VPN) | Yes (Tor), though bridges can obscure this |
| Mainstream site compatibility | Generally good | Some sites block Tor exit nodes |
| .onion sites accessible | No | Yes |
| Suitable for streaming | Usually | Generally not |
| Suitable for anonymity | Shifts trust, not full anonymity | Closer to anonymity, but not absolute |
| Setup complexity | Low | Low (Tor Browser) to moderate (advanced use) |
How each one works
VPN. You connect to a VPN server. All your traffic goes through that server. Your ISP sees a connection to the VPN server and encrypted traffic, not the destinations you're visiting. Websites see the VPN server's IP address, not yours.
The VPN company sits in the middle. It can see your real IP and the destinations you're visiting. Whether this matters depends on how much you trust that company, their legal jurisdiction, and their actual logging practices.
Tor. Your traffic is encrypted in three layers and sent through three separate servers (relays). Each relay peels off one layer and passes the traffic to the next, like unwrapping nested envelopes. The first relay knows your IP but not your destination. The last relay knows the destination but not your IP. No relay knows both.
No company holds the keys to the whole picture. The Tor network is run by volunteers worldwide.
When a VPN is the better choice
Everyday privacy from your ISP. If you don't want your internet provider seeing your browsing activity, and you're willing to trust a VPN company instead, a VPN is practical and fast enough for normal use including streaming and video calls.
Geographic access. VPNs let you appear to be in a different country. Many streaming services, news sites, and other content is geo-restricted. Tor doesn't help with this because its exit nodes are often blocked.
Hiding that you're using privacy tools. Some ISPs or networks block Tor, or flag its use as suspicious. A VPN connection looks like ordinary encrypted traffic to an ISP.
Work-related usage. Accessing corporate resources remotely, secure tunneling for professional contexts, VPNs have a well-established role here.
When Tor is the better choice
When you can't trust any single company. A VPN company could be served a legal order, could be breached, or could simply lie about its logging practices. Tor's architecture means no single operator has the full picture. You're not trusting a company, you're trusting a design.
Accessing .onion services. Websites running as .onion addresses exist only within the Tor network. Both the user and the server remain hidden. VPNs don't offer this.
Situations where anonymity, not just privacy, matters. A VPN shifts trust. Tor distributes it. If the stakes are high enough that trusting a VPN company isn't sufficient, Tor is the appropriate tool.
Protecting a source, communicating anonymously, or publishing without being identified. These are the situations Tor was designed for.
What neither does
Neither a VPN nor Tor protects you if you log into accounts. If you sign in to Google or Facebook, those services know who you are regardless of what your IP address says.
Neither protects against tracking that doesn't rely on IP addresses, browser fingerprinting, cookies, device identifiers. Browser choice matters separately.
Neither hides the fact that you're using a privacy tool from your ISP. Your ISP can see you're connected to a VPN. Your ISP can see you're using Tor. Bridges (for Tor) and obfuscation (for VPNs) can reduce this visibility.
Can you use both?
Yes. Connecting through a VPN and then using Tor, or routing Tor through a VPN, is possible and has specific use cases.
VPN then Tor (the common setup): Your ISP sees a VPN connection, not Tor. The Tor entry relay sees the VPN server's IP, not your real IP. This hides Tor use from your ISP and hides your real IP from the Tor network.
Tor then VPN Less common. Traffic exits through a VPN after Tor. The destination sees the VPN's IP rather than a Tor exit node. Useful if a service blocks Tor exit nodes.
Both configurations add complexity and should be considered based on a specific threat model rather than adopted as a universal improvement.
Foldy tip
Understanding the difference between these two is genuinely useful, whatever you end up choosing.
Related pages
VPNs explained
Tor
Blackout VPN
Mullvad VPN
Tails, uses Tor by default for all traffic
Threat modeling