Introduction to Tails and Tor
The Amnesic Incognito Live System, or simply known as Tails, is a Debian-based Linux operating system whose ultimate goal is to preserve your privacy and anonymity. To achieve this, Tails forces all your internet traffic to route through Tor — software that lets you browse the internet anonymously. Tails is also equipped with an instant messaging client, an email client, and an office suite all pre-configured with security in place.
Tails is simple and easy to use, even if you’re a novice user. With Tails OS, you can prevent third-party applications from tracking your online activities.
To learn more about Tails or Tor, follow either of these links:
We assume you have some working knowledge about VPNs. So in this guide, we’ll focus on how to use VPN with Tails to keep you secure.
Advantages of Using Tails
- Skip setup. As Tails is pre-configured to route all your network traffic through Tor, no setup is required.
- Secure your PC.
- Protect your privacy and browsing history when using someone else’s machine.
- Leave no trace of visited websites, entered passwords, opened files, and many more.
- Save chosen files and configurations to an encrypted persistent storage.
- Access a variety of software to work with sensitive information and communicate safely.
- Avoid mistakes. Tails will block applications that try to connect the internet without Tor, encrypt persistent storage, and delete all memory at shutdown
Pros and Cons of Using VPNs with Tails
The Tails organization doesn’t recommend using VPNs as a replacement for Tor, as their goals are incompatible. However, certain use cases might warrant that you use a VPN with Tails for even greater benefits.
Note that to experience the best of both technologies, significant modifications would have to be made to get VPN to work with Tails.
There are two primary ways to use a VPN with the Tails operating system.
1. Tails → Tor → VPN (VPN over Tor)
This method adds a VPN hop after the Tor network’s end.
- It enables access to services and features you could otherwise get only through a VPN.
- You can access services and websites that Tor would otherwise block.
There are a considerable number of disadvantages, too, when using a VPN connection after Tor.
- You have access to no Tor-hidden services.
- If the Tor network gets compromised, your real IP address will be leaked.
- If there are third parties or other providers that want to flush you out, they’ll only have to focus on breaking the VPN, not the whole Tor network.
2. Tails → VPN → Tor (Tor over VPN)
Here, the VPN connection is established before connecting to Tor. This method offers many benefits.
- You can use Tails at airports.
- VPNs can help access Tor on censored networks.
- This enables customers to connect when Tails is unusable to their internet service providers (ISPs), or when ISPs have blocked use of the Tor Browser.
- The Tor network treats your traffic as originating from an anonymous VPN server.
- If Tor gets compromised, you’ll still have a staunch defender in the form of the VPN server protecting you.
Despite the benefits of using a VPN connection before the Tor network, there are still some reasons why using a VPN isn’t recommended.
- If the VPN network is compromised, your data could potentially be exposed to third parties.
- The best VPNs are services you have to subscribe to and pay for.
- VPNs may introduce a permanent entry guard if they’re set up before the Tor network.
Using Anonymous OpenVPN with Tails
Anonymous VPN offers security services for many platforms, including Windows, Linux, and macOS.
You can download anonymous OpenVPN through https://anonymous-vpn.biz/buy-vpn/
Unlock and configure Persistent Storage.
- Unlock persistent storage at the Welcome page by adding a passphrase.
- Add the VPN application you’ll download later to the persistent storage.
Set an administrator password.
- Find the administration password option under “Additional Settings” by clicking the “+” button.
- Set and confirm the password; you’ll be prompted to enter this in the terminal for many operations.
Configure your internet connection.
- Purchase a VPN.
- Download and install a Dedicated VPN.
- After installation is complete, download the Dedicated VPN keys.
- Rename DeicatedVPN**.ovpn as tov.ovpn and copy them to the persistent storage.
- Download a script to connect OpenVPN in Tails and copy it to your persistent storage as tails.sh.
- Open a terminal where these files are located (Persistent Storage), or navigate to the folder where these files will be located after opening the terminal.
- Switch to root.
- Enter the command chmod +x tails.sh to set the execution rights.
- Run the tails.sh script file with ./tails.sh
- Enter your username and password to authorize the VPN connection.
- Upon successful completion, restart Tor and make sure it works by entering the relevant commands.
- Open the Synaptic Package Manager.
- Search for OpenVPN under the “Not Installed” tab.
- Check all the packages and mark them to be installed.
- Apply the changes.
- Configure your VPN.
- Add the configured ovpn file to VPN in the network settings.
VPN Service Providers and Tails
|VPN Service ||Services to Tails |
|ExpressVPN ||VPN settings and configurations not fully tested with the Tails OS, so ExpressVPN can’t yet be installed in Tails. |
Since Tails is a Linux-based OS, you may refer to our manual setup link below using PPTP on Ubuntu, though this isn’t guaranteed to work.
|PureVPN ||Not tested with Tails; therefore, not guaranteed to work. |
|NordVPN ||Incompatible, as Tails doesn’t support the use of VPNs directly. |
|Credit card details, account balance up to $1000 ||$12 |
|OpenVPN/Anonymous OpenVPN ||Not directly supported, but can be set up with a few workarounds. |
Is Using VPN With Tails as Bad as They Say?
The Tails VPN Support page insists that combining Tails and VPNs is a bad idea.
Moreover, replacing Tor with a VPN is apparently a bad idea as well. If you’re inexperienced, it’s all too easy to make a mistake during the process. As shown earlier, setting up a VPN isn’t too straightforward.
Disabling Tor is a bad idea, yes, but VPNs aren’t intrinsically bad or lacking in security, as suggested by an official statement in the Tails VPN Support page.
If you use Bitcoins to purchase a subscription to a reliable VPN, then the level of security you get is at least on par with that of Tor.
Data packets go from the computer to the VPN, and then to the Tor network by a permanent entry guard which creates an endpoint server to receive data before reaching the Tor network.
The connection is encrypted by the VPN. Therefore, there’s little difference between a permanent entry guard and a direct connection from the computer to the Tor network.
Here, if Tor is compromised, the attacker would have to bypass the VPN’s security as well. This is much safer than accessing Tor directly.
Risks of Using VPN Over Tor Network
Use VPN with Tails or with a Tor network only when absolutely necessary, as this may weaken your anonymity and cause other problems if not configured properly. When considering a VPN, definitely consider the use cases previously discussed.
Circuit Switching isn’t supported when using a VPN over the Tor network.
Internet traffic goes through different exit relays when using a Tor network. This means network requests have different paths or different addresses to access the internet. However, the use of a VPN introduces a permanent exit node for internet traffic, allowing others to identify which location your data is coming from. If your Tor network gets compromised in any way, third parties will find what you requested and from where.
The anonymity of the network built with VPN over Tor greatly depends on the VPN’s anonymity.
People prefer to use Tails because of its anonymity and how it doesn’t trust the services of other applications in securing user privacy. However, if you think adding one more hop with a VPN to the process of what Tails does will increase your safety, you’d be mistaken. The purpose of using Tails is wasted if your VPN provider sells you out. Make sure the VPN you choose is reliable and trustworthy.
Use a VPN over the Tor network only when necessary.
When using a VPN service over Tor, two instances are established in your machine: one will let you route VPN over Tor, and the other will use Tails normally with Tor. It might be inconvenient to have to go through CAPTCHA so often, but you should always make sure to use the VPN instance only when you absolutely must. Some websites may also block VPN users as well.
And if you’re new to VPN and Tails, aside from the recommendations outlined here, it’s still a good idea to go through all documentation carefully.
Tails with Tor Browser might be the answer to many of your concerns with security and private browsing. Although there’s no consensus about whether it’s a good idea to use Tails with a VPN, the combination may in fact be extremely helpful when used in the correct manner.
If you want to track your traffic or eavesdrop on your online conversations, setting up the Tails OS to go through the VPN and then to the Tor Network will cut off all access routes to you.
This setup will give you peace of mind and keep you out of harm’s way permanently.