Data fragments viewable when using Tor on 3G or 4G

[MrFibreOptic]

Lets say i want to go on tor on my tablet, i maybe use a private VPN and use my contract mobile data 3g/4g. if im assuming theres no leakage from the VPN, what info can either lets say Android receive or my network provider mine?

 

[Skylyne]

Well, if you plan on using a VPN, then your security is really based on how your phone handles the VPN connection. If you're using a VPN that has encrypted traffic from your device to the network, then (theoretically) your carrier has no visibility of your actions. Connecting to the TOR network would also act as another barrier from your carrier, as your traffic is redirected through a number of nodes before actually connecting to whatever site you are trying to access.

In theory, this isn't a bad method of minimising carrier snooping. The harsh reality is that traffic over the TOR network, connecting to clearnet sites, is fairly easy to snoop on in general. Would your carrier be watching the TOR network? No; but using the TOR network to connect to clearnet sites, after already using a secure VPN, is going to do nothing to help you. If anything, using TOR is going to be the weakest point in your security chain.

Stick with a VPN, and only use TOR if you're accessing onion sites; that will give you the best security, without compromising anonymity. Not to mention, TOR nodes have no real rules about logging traffic; so you might be compromising more than just anonymity when using TOR. Using a quality VPN, that makes it clear they have zero logs, is going to make things more secure for you when using clearnet sites.

 

[Skylyne]

I should also add that TOR is also going to slow down your browsing speeds significantly, unless you're able to pick which exit node you use, and you know the exit node has a high speed internet connection. Using a VPN will give you better connection speeds, as well as minimal security compromise.

I really like TOR, but there are many issues that need to be addressed.

 

[MrFibreOptic]

Well, if you plan on using a VPN, then your security is really based on how your phone handles the VPN connection. If you're using a VPN that has encrypted traffic from your device to the network, then (theoretically) your carrier has no visibility of your actions. Connecting to the TOR network would also act as another barrier from your carrier, as your traffic is redirected through a number of nodes before actually connecting to whatever site you are trying to access.

In theory, this isn't a bad method of minimising carrier snooping. The harsh reality is that traffic over the TOR network, connecting to clearnet sites, is fairly easy to snoop on in general. Would your carrier be watching the TOR network? No; but using the TOR network to connect to clearnet sites, after already using a secure VPN, is going to do nothing to help you. If anything, using TOR is going to be the weakest point in your security chain.

Stick with a VPN, and only use TOR if you're accessing onion sites; that will give you the best security, without compromising anonymity. Not to mention, TOR nodes have no real rules about logging traffic; so you might be compromising more than just anonymity when using TOR. Using a quality VPN, that makes it clear they have zero logs, is going to make things more secure for you when using clearnet sites.

Good info, so from leakage, at the basestation you are giving up IMEI and IMSI and connection details, network provider will record your vpn ip address And traffic statistics. I imagine looking at bit patterns and data rates you might possibly be able to tell you are surfing tor?

 

[Skylyne]

Well, one might be able to guess if you are doing picture viewing, video streaming/downloading, and so on; but if the traffic is encrypted from your device straight to the VPN, your provider won't see any clear data traffic. Now, I'm not entirely sure how mobile data traffic works... so I'm not 100% sure you can get encryption from your phone to the VPN; but if you can, then that would be the case.

From my experience, it's always better to stick with a computer for secured connections. The worst part with using mobile devices (like phones/tablets) is the methods for hijacking signals are far easier than with computers, IMHO.

 

[Willie0]

It is much easier for a computer to connect to a VPN than using mobile phones. It would also work than the phones.