I know torrenting over Tor is bad, because it steals bandwidth from those who really need it. But if I had qBittorrent (binded to Mullvad) running in the background and then started running Tor Browser, would that negatively affect the network?
Then you wouldn’t be torrenting over Tor, you’d be torrenting through a VPN. And also using Tor with a VPN, which is not recommended.
For more reading https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN
You can route Tor through VPN/SSH services. That might prevent your ISP etc from seeing that you’re using Tor (VPN/SSH Fingerprinting below). On one hand, VPNs are more popular than Tor, so you won’t stand out as much, on the other hand, in some countries replacing an encrypted Tor connection with an encrypted VPN or SSH connection, will be suspicious as well. SSH tunnels are not so popular.
Once the VPN client has connected, the VPN tunnel will be the machine’s default Internet connection, and TBB (Tor Browser Bundle) (or Tor client) will route through it. This can be a fine idea, assuming your VPN/SSH provider’s network is in fact sufficiently safer than your own network.
Another advantage here is that it prevents Tor from seeing who you are behind the VPN/SSH. So if somebody does manage to break Tor and learn the IP address your traffic is coming from, but your VPN/SSH was actually following through on their promises (they won’t watch, they won’t remember, and they will somehow magically make it so nobody else is watching either), then you’ll be better off.
as long as your traffic goes PC -> VPN -> Tor -> web server, there’s nothing really wrong with that. Instead of your ISP being able to tell you’re using Tor, it will be your VPN who knows that you’re using Tor. But there’s nothing really wrong with that.
What you should never do is PC -> Tor -> VPN/proxy -> web server.
Just commenting to agree with you. I see way too many “OpSec bros” on Lemmy try to say that using a VPN with Tor is a good idea
I’m one of those opsec bros. I tunnel all of my traffic through a VPN, that I can pay with anonymously. That means my local ISP does not get direct view into the traffic I’m creating.
When I browse tor, it is on top of that always on VPN. It is sufficient for my threat model, I have thought about it, and I am happy with that trade-off.
In my circumstances my local ISP, is less trustworthy than mullvad. My local ISP is required by law to keep a record of all traffic flowing through it, so I lose nothing by using my VPN. In fact my VPN is strictly better, because they say they don’t log all the traffic… And even if they do, it just falls back to the same level of crappiness that my ISP has.
Check out I2P and qBittorrent
The other comments almost got it right. If you had your torrent client bound to Mullvad and then opened your Tor Browser… your torrent client would be running over the VPN tunnel (Mullvad) while your Tor Browser would be sending all its traffic over your vanilla ISP and through… the Tor network (unless you also bind it to Mullvad). You’d effectively be “split tunnelling” your traffic, which is actually a good use-case for Tor anyhow.
There’s a lot of debate about whether it’s fine to run a VPN tunnel (OS-wide) before you fire up your Tor Browser… effectively you’d be pushing your Tor traffic through the tunnel to the VPN’s entry/exit nodes before it got to/left the Tor network. Some say it’s a security risk (if you don’t trust the VPN provider, for instance. Which is valid if you’re using some of the scummier providers). You need to do some research and understand the implications of doing that, before just mashing buttons.
You can also fire up the Tor network system-wide if you’re crafty and then create an encrypted VPN tunnel to go over that, so all of your VPN traffic would be travelling over and through Tor nodes before it reached the entry/exit nodes of your VPN. It can work both ways. There are cases for both options, if you know what you’re doing… which is a huge caveat.
Overall though, no. Please don’t torrent over Tor. As you say, it’s not necessary and eats bandwidth from an already slow network protocol. A VPN is more than sufficient for that purpose. If you wanna get more secure than that, make sure you’re running an encrypted DNS solution (or resolve your DNS locally if you know how to do that) and profit. Then your ISP can’t see shit. They’ll still probably traffic-shape and throttle you, simply because they can tell it’s going out over an encrypted tunnel of some kind… but they’ll never be able to see what specifically you’re up to.
I see the argument made a lot that you shouldn’t take away bandwidth in the tor network from people that really need it, but consumed bandwidth is way lower than the total available.
This is from the tor projects metrics site:
