Yes! To use PIA with Tor (The Onion Router), connect to the PIA service first, then open the Tor Browser.
VPNs and the Tor network both use encrypted connections to help protect user privacy, but they work differently.
Key differences
- VPNs are generally faster than Tor because traffic passes through a single VPN server instead of multiple Tor nodes.
- PIA provides increased privacy, while Tor is designed to provide anonymity.
- Tor is slower and may be blocked by some websites, and it is not suitable for P2P traffic.
- Using both together can improve privacy, but may reduce connection speeds.
Tor through your PIA Service
Your traffic follows this path when both are used together:
Your computer → PIA VPN → Tor network → Internet
To set this up, first connect to a PIA server, then access the Tor network using the Tor Browser before browsing the Internet.
Due to the use of 3rd party unsupported hardware and/or operating systems, we cannot provide support for TOR to VPN setups. If you do decide to go this route, then the easiest way to set this up is by using either PORTAL, Whonix, or TAILS for maximum security) While connected to a PIA server, this would mean that your public IP is that of the TOR exit node and not the IP provided to you by the VPN.
Below, we have provided you with a list of the pros and cons of using a VPN with a TOR Browser.
Pros:
- Your ISP cannot see that you are using Tor (it will only see VPN traffic)
- The Tor entry node will see the IP address of the PIA server instead of your real IP address
- PIA operates as a no-logs VPN provider, which helps reduce identity exposure risks
- Allows access to Tor hidden services (.onion websites)
Cons:
- No protection from malicious Tor exit nodes
- Non-HTTPS traffic entering or leaving exit nodes is unencrypted and may be monitored
- Tor exit nodes are often blocked by websites
- Overall connection speed may be significantly reduced when using VPN and Tor together
Using Tor bridges such as Obfsproxy may help conceal Tor usage from an ISP, although advanced traffic analysis techniques such as deep packet inspection may still detect Tor traffic in some cases.
Important Note: Private Internet Access currently does not offer TOR through VPN via an OpenVPN configuration file.
However, be aware that this is nowhere near as secure as using the TOR Browser, where TOR encryption is performed end-to-end from your desktop to the TOR servers. The TOR Browser has also been hardened against various threats in a way that your usual Browser almost certainly has not been.
For maximum security when using TOR through a VPN, you should always use the Tor browser.
Security Risk: Malicious exit nodes
When using TOR, the last node in the chain between your computer and the open internet is called an exit node. Traffic to or from the open internet (Bob in the diagram below) exits and enters this node unencrypted. Unless some additional form of encryption is used (such as HTTPS), this means that anyone running the exit node can spy on users' internet traffic.
This is not usually a huge problem, as a user's identity is hidden by the 2 or more additional nodes that traffic passes through on its way to and from the exit node. However, if the unencrypted traffic contains personally identifiable information, this can be seen by the entity running the exit node.
Such nodes are referred to as malicious exit nodes and have also been known to redirect users to fake websites.
SSL connections are encrypted, so if you connect to an SSL-secured website (HTTPS://), your data will be secure, even if it passes through a malicious exit node.
Security Risk: End-to-end timing attacks
This is a technique used to de-anonymize VPN and Tor users by correlating the time they were connected to the timing of otherwise anonymous behavior on the internet.
An incident where a Harvard student (who made bomb threats to skip finals) got caught while using TOR is an excellent example of this form of de-anonymization attack in action. However, it is worth noting that the culprit was only caught because he connected to Tor through the Harvard campus WiFi network.
On a global scale, pulling off a successful e2e attack against a TOR user would be a monumental undertaking, but possibly not impossible for the likes of the NSA, who are suspected of running a high percentage of all the world public TOR exit nodes.