A Comprehensive Comparison of VPNs and Onion Routing (TOR)

Updated on: 12 July 2020
Updated on:12 July 2020

Although VPNs have long been associated with private and secure browsing, those who have a keen interest in this particular subject may also have come across the concept of onion routing, albeit perhaps not with that exact name.

Also known as Tor, onion routing (OR) has been a way to navigate the web in virtual anonymity for some time but has mostly remained restricted to either nerd culture or the criminal underground that operates in the dark web.

Although both VPNs and OR represent valid ways of masking one’s identity, both are used in different contexts and different purposes as they each use their own particular methods to achieve their goals.

A brief introduction to OR

Using a tool like The Onion Router (TOR), people can access a network that—as the name “onion routing” suggests—will stack signals through multiple points like the layers of an onion. Since your packets are sent to multiple destinations, it’s nigh impossible to track the origin of the signal when the protocol is used properly.

The amount of effort required to track you down is just too unfeasible even for a sophisticated organization. Therefore, you get to move about the internet in the relative safety of a cocoon built by hundreds of different computers whose owners volunteered their processing and network resources to process your communication.

OR network circuits are built by everyday people and some organizations that value privacy, making the entire infrastructure one large peer-to-peer “shadow internet.” Because of this, things like hidden services that cannot be accessed on the “clear web” exist.

This is essentially what the media is referring to when it says that something has been found on the “deep” or “dark” web. It’s a series of pages on an alternative version of the internet that cannot be accessed by any other means than using either OR or other darkweb services like I2P (the latter of which we won’t get into for the sake of brevity).

Why use this instead of a VPN?

There are specific examples of why using onion routing would be more favorable than using a VPN. Here are a few of those use cases:

  • You’re a whistleblower and you need to get information out there anonymously through a hidden service.
  • You need to access a hidden service to communicate sensitive information to someone.
  • You want a free way to secure your anonymity without compromising your wallet, as a high-quality VPN often will cost you money.
  • You’re planning on running a hidden service.

Technically, with the exception of these differences, OR is essentially similar to using a VPN. You can access websites that are blocked by your provider, you have the ability to navigate from endpoints in other countries than your own, etc.

The major difference is you’re not depending on one central entity to guarantee that your activity is masked.

This all may sound great, but it also comes with significant disadvantages.

1. Because your data transfers are traveling along a circuit of various “layers” in the form of several computers relaying your message, you’re inevitably going to experience a noticeable and sometimes even stark delay between your request and the response. Websites will load more slowly, especially if they have many assets. Gaming is all but impossible since you’ll have significant amounts of lag.

2. Since onion routing is generally associated with sketchy activity, a number of websites block traffic coming from known OR nodes. A way around this is to switch nodes until you hit something that isn’t blocked. However, in many cases, you’ll simply get 404 errors, which make it difficult to distinguish whether OR is at fault or the page you’re trying to access really cannot be found.

3. If you’re planning to run your own OR node and help keep the network running (this is not something you do without actually seeking to do so), you may run into legal trouble as not everyone using your service has clean hands. You might even help facilitate things like drug trafficking or far worse without even knowing it.

That last one doesn’t apply to regular users of OR, but many people who choose to run nodes may unknowingly put themselves at significant legal risk and it bears mentioning this fact before someone makes this kind of commitment.

Who should use VPNs? What about OR?

If you can accept some significant lag in the packet/response cycle and some inconveniences from some web services, OR might be a valid choice to help keep your browsing private and safe.

However, a VPN remains a highly-secure and convenient option for private browsing. Professionals, gamers, and other people who transfer a lot of data and depend on low latency to do so are all probably better off using the tried-and-true virtual private network as opposed to exploring onion routing.

Still, it’s important to note that aside from shifty activities, OR stands as a valuable resource for people who have to deal with extremely sensitive data that cannot be associated with them. Whistleblowers and investigative journalists may still favor this method over VPNs.

All in all, it ultimately comes down to a matter of preference. VPNs accomplish a more streamlined, convenient, and professional version of onion routing’s goals. At the same time, onion routing provides a more fundamentally informal, complex, and murky method for masking data sources.

Both have situational advantages, but to the average person trying to bypass the Great Firewall of the EU or China to watch some videos blocked by their country, both are interchangeable and one is a slower version of the other.

Written by: Miguel Gomez

Connect with him:

Old-school programmer, cybersecurity expert, analyst. Miguel is a corporate consultant who often spends his time educating people and companies on cybersecurity-related subjects and breaking down complex themes into bite-sized and easily-digestible nibblets. He speaks with over 11 years of experience doing market and cybersecurity research, as well as nearly 15 years of experience developing software, behind him.

Leave a Reply

Your email address will not be published. Required fields are marked *