There’s a lot of confusion surrounding virtual private networks. They often appear much more complex than they are and the other privacy options that perform similar functions muddy the water even more. That said, VPNs serve a distinct purpose that other online privacy tricks can’t mimic.
In this VPN vs proxy vs Tor comparison, we’re going to distinguish the three main privacy tools people use. We’ll discuss the use cases for each, as well as their drawbacks and benefits. At the end, we’ll give you our recommendation on which tool to use.
Though each has a purpose, the majority of users will land in the VPN camp. It’s the most served and well-rounded market. Proxies and Tor have drawbacks as services run by communities, while VPNs can implement the proper security and networking measures for a safe and reliable connection.
What is a Proxy?
“Proxy” has a quite literal definition in the networking space. When you connect to a website, your connection is sent to the server the website is hosted on. That server can see a load of information about your connection, including your IP address and relative location. Proxies sit in between that connection to make it look like you’re located somewhere else.
It’s a “proxy” for your connection. By acting as a intermediary connection point, a proxy server can trick the receiving web server into thinking your IP address and your location are different from what they are.
For bypassing basic content filters, proxies are excellent. Any sort of low-stakes online activity that requires a unique IP for a location is fair game. Proxies can be used to unblock YouTube videos that are only available in specific regions or visit websites that would otherwise not be accessible.
The key is low-stakes activity. Proxies have a glaring issue in that your connection isn’t secured. While you can appear to be in another location when using a proxy, basic route tracing, which can easily be done online for free, will reveal your true IP address and location.
Your originating requests aren’t secured, either. If you’re doing anything questionable — not that we’re accusing you of Digital Millennium Copyright Act violations — then your internet service provider, government or anyone else who can access your stream of data can see it.
Even so, proxies have their place. There are different types of servers for you to use depending on what traffic you want to hide.
HTTP proxies are meant exclusively for web traffic. You enter the IP address of the proxy you want to connect to in your browser’s settings and traffic will be routed through that server. Other traffic, such as peer-to-peer connections, isn’t suitable for an HTTP proxy.
There isn’t any encryption, either. While proxies don’t usually provide encryption, basic SSL/TLS isn’t provided either. You can learn the difference between those in our SSL vs. TLS guide.
That means you’ll have to make sure you connect to websites that support TLS, especially if you’re inputting sensitive information. That applies to email, too. You can learn more about enabling encryption for your emails in our guide to email security.
SOCKS proxies are better than HTTP proxies in that they’re traffic agnostic. You can send any traffic through a SOCKS proxy whether it is basic web traffic, a P2P connection or a FTP connection.
Apart from that, SOCKS proxies have the same issues as HTTP ones. You’re not provided encryption outside of what you supply and the traffic load and speed is up in the air. Plus, SOCKS proxies have more overhead, so they are usually slower than HTTP.
Cybersecurity novices will often reach for a free proxy online as a way to protect while downloading a few movies or albums. Free proxies come with many drawbacks, including inconsistent uptime, slow speeds and, in some cases, malware. While you may know the location of one, it’s difficult to pin down who’s running it and their integrity to cybersecurity.
Paying is the best way to go. TorGuard provides a good VPN service (read our TorGuard review), as well as proxies for basic web traffic and email. While you’re not actually securing your connection, a proxy can still hide your IP for low-risk web tasks.
What is a VPN?
You can read our what is a VPN and VPN security guides if you want the gritty details on how the services work. For this article, we’re going to provide a general overview and how VPNs compare to proxies and Tor.
A VPN is a like a proxy in that you’re connecting to a intermediary server, but your initial connection is encrypted. Providers such as NordVPN (read our NordVPN review) use top-level AES 256-bit encryption on your connection to the remote server, anonymize your traffic once it reaches the server and send it to whatever website you’re trying to access.
As long as you’re using a service that doesn’t leak — read our Mullvad review for an example — you’ll go incognito online. Route tracing becomes nearly impossible and your initial connection disappears into the ether.
VPNs don’t come without criticism, though. While they’re meant to protect your privacy, a VPN provider can see your web traffic and, in some cases, log it. Providers such as IPVanish and HideMyAss have been caught red-handed logging user data and handing it to the government.
You can read more about those incidents in our HideMyAss review and IPVanish review.
That said, Astrill and Goose VPN are examples of providers that have an affinity for security and privacy (read our Astrill review and Goose VPN review).
The biggest deterrent is that a VPN, in almost every case, will cost money. There are free options, but as you can see in our worst free VPN guide, they come with unintended consequences. The only exception to that is Windscribe, which is probably the best free VPN around, as you can read in our Windscribe review.
While not free, you can get a VPN for cheap. Providers such as CyberGhost and Private Internet Access offer unlimited bandwidth plans for multiple devices for only a few dollars per month. You can learn the specifics in our CyberGhost review and PIA review.
The extra cost comes with extra security, reliability and features. StrongVPN, despite its usability issues, provides a killswitch on Windows, which severs your internet connection whenever you drop from the remote server. That protects you from identifiable data leaking, as you can read in our StrongVPN review.
Plus, VPNs can bypass the harshest geoblocks. Perfect Privacy, for example, breaks into Netflix, which you can see in our Perfect Privacy review. While not the best VPN for streaming, it gets into streaming platforms and maintains a decent speed.
VPNs are also the only real solution for secure P2P connections. As you can see in our best VPN for torrenting guide, VPNs provide the best balance of security and speed for P2P connections, which proxies and Tor struggle with.
What is Tor?
Tor is supposed to be the pinnacle of anonymity on the internet. As we’ll see, though, that’s far from the truth. It works by bouncing your internet connection off of several nodes or relays run by volunteers. Think of it as using multiple proxies at once.
Many users gravitate to Tor because it’s easy to set up and free to use. Like any free service, though, it comes with drawbacks. Like proxies, Tor exit nodes, the last server your connection bounces off of, are recognizable. Because of that, websites can blacklist those IP addresses and your connection.
Tor nodes are run by volunteers, too, so there’s a question of your security. Many nodes are malicious and add malicious data to the packets you’re sending. That could have an impact on you, though not a large one if you’re using the best antivirus software. It’s a bigger concern for the websites you’re accessing.
Websites don’t block Tor nodes because they hate anonymity and want every piece of information about you. They do it because not blocking them is dangerous. It’s not clear where the traffic is coming from and what nodes it went through, so websites will block your connection because it puts them at a greater risk of being infected.
As for privacy, not everything is sound there, either. VPN providers, such as VyperVPN (read our VyprVPN review), have consistently asserted that Tor is a subpar solution for true anonymity, and for good reason. Massachusetts Institute of Technology researchers, and others, have been able to break Tor without cracking the encryption it uses.
The basic premise is that someone who’s snooping on a Tor connection can use traffic fingerprinting to determine what content a user is accessing. The data can be monitored and the packets counted to determine where the connection is coming from and where it’s going.
Plus, Tor is under constant scrutiny by government agencies because it’s often used for cybercrime. As you can read about in our guide to the deep web, which is different from the dark web, Tor is used by cybercriminals to connect to dark web websites in an attempt to mask their identity. Cybersecurity is made to be broken and the focus on Tor makes it all the more risky to use.
It has other usability concerns, too. Tor doesn’t work for P2P connections and is much slower than a proxy or VPN. You’re still encrypting your initial connection, but also having to bounce that connection off several servers before reaching your destination.
Which You Should Use
The only way to truly protect your web traffic, at least out of these three examples, is with a VPN. Proxies are convenience and speed-focused solutions that are suitable for bypassing basic geoblocks, and Tor focuses on brute-forcing anonymity at the cost of massive amounts of speed. VPNs strike a middle ground, giving you good speeds while securing your connection.
That’s all in theory, of course. There are plenty of slow proxies and VPN services around (just take a look at our BoxPN review), but you experience little to no connection loss with the fastest VPN services, especially if you connect to a relatively close server.
Connecting to a VPN through a Tor is the best case scenario for security because your location will be obfuscated and your connection encrypted. That said, adding complex encryption algorithms into the mix with multiple server bounces is a recipe for slow speeds. If security is of the utmost concern, though, that is the configuration we recommend.
It’s the setup to use if you’re trying to bypass strict censorship, such as that seen in China. The best VPN for China often support connecting to Tor and then to the VPN server. Some providers, such as AirVPN, make it easy, as you can read in our AirVPN review.
If you want to use the configuration, make sure to connect to Tor and then the VPN, not the other way around. Doing it that way provides two layers of encryption, making it almost impossible to track your online activity.
Doing it the other way around has a few drawbacks. Tor exit nodes are often blocked as websites can create a blacklist of exit node IP addresses, and your traffic is unencrypted as it enters the exit node, opening up the possibility of being infected with malware.
That’s ignoring the speed degradation that would come from using a VPN and Tor. For most of our readers, VPNs offer the best balance of speed and security. Tor can be used by those who constantly need to look over their shoulder, but providers such as ExpressVPN, which we rated as the best VPN provider, show that you can trust a service to anonymize your traffic.
You can learn about why we rate it first in our ExpressVPN review.
For most people, a VPN is the best choice, but that shouldn’t come as much of a surprise. VPNs are an evolving market in which people are holding companies accountable for their security practices. Proxies and Tor don’t have that accountability system, so your security is left to speculation.
That doesn’t mean they don’t have value, though. Connecting to a VPN through Tor is a slow but effective solution for true anonymity, and proxies are a fast and low-cost solution for basic IP masking. As an all-around solution, though, VPNs are best.
Do you agree or do you prefer to use something else? Let us know your thoughts in the comments below and, as always, thanks for reading.