Hello, I had a few questions regarding using tor on GrapheneOS. I will admit that I am not too knowledgeable when it comes to tor, but I do intend to learn. The questions are the following:

  1. Right now I am using InviZible Pro for connecting to Tor, and it becomes enabled as a system wide VPN with the killswitch on. My main use for Tor is "anonymously" browsing in Vanadium (not providing pers data, etc. just visiting websites such as Reddit and reading manga). My question is, could my identity/privacy be compromised from the fact that Tor running as a system wide VPN means all the other apps I have in the background are also connected through it (for example Signal, mail app, etc.). Since these connections are made by the apps (that have my accounts logged in), could that be correlated back to my browsing in Vanadium and reveal my identity? I do realize that this could depend on threat-model as well.

  2. I know this is a heavily-discussed topic, but I have seen both positive comments and negative comments about it, so I am a bit lost. Should I or should I not use a VPN to connect through Tor? Some have said it has the benefit of hiding your real IP should anyone figure out who you are connecting through Tor, but others have dismissed it as redundant.

Thanks.

So, when asking yourself "could I get tracked" think about who might track you.

Signal... probably wont. They see you are using Tor (some exit node that a lot of others will be using too) and thats it.

The tor circuits change all the time too, so yes some server you connect to sees your IP, and if the same malicious person behind that server may also control a backend for an app you use, they might be able to track you with that.

But this is only likely in specific scenarios.

Tor is way better than selfhosting a VPN server, poorly. Public VPNs are now blocked often, selfhosted are even more unique than being at home with multiple people in your LAN though.

And as a selfhosted VPN doesnt change, this is perfectly identifiable. So Tor is not a problem, a selfhosted VPN will be. A public VPN is also less likely to be, but it may not switch servers for days (auto-reboot) as VPNs are not made for privacy but for a stable and secure connection to a LAN.

Be carefull about using any browsers other than the official tor browser. I’m not sure of the ‘rules’ on mobile, but across the desktop space, unless you use the official tor browser as it is without modification, then you risk more chance of being fingerprinted and standing out in the crowd. I can’t see why it would be different on Android, although on iOS it’s impossible to use the exact official browser, although there is a semi recommended choice on there.

    mmmm Yes, I realize that would be the biggest problem when it comes to using Tor with Vanadium, as Vanadium is not very fingerprint-proof. Thanks for the input.

      So, from what I can tell, is the general consensus that Tor shouldn't really be used on mobile / GrapheneOS? In other words, is using Tor Browser on desktop or even a live OS like Tails the better option?

        DeletedUser89
        I believe the answer is just use the Tor Browser Android app for Tor things rather than setting up elaborate routings.