The Search for Total Anonymity
When standard VPNs are not enough for journalists, whistleblowers, or privacy extremists, they turn to The Onion Router (Tor). Tor is an open-source network designed to facilitate anonymous communication by directing internet traffic through a free, worldwide, volunteer overlay network consisting of more than seven thousand relays.
The encryption within Tor is exceptionally robust. However, many users harbor a dangerous misconception: they believe that because Tor is secure, their Internet Service Provider (ISP) has no idea they are using it. This is flatly false.
What Your ISP Sees When You Run Tor
When you click the Tor Browser icon, your computer establishes an encrypted connection to the first node in the Tor circuit (known as the Entry Guard or Entry Node).
Because the list of public Tor Entry Nodes is freely available online, your ISP (Comcast, AT&T, Vodafone) simply cross-references the destination of your traffic against this public directory. Your ISP cannot see what websites you are visiting, nor can they read your emails—everything is heavily encrypted. However, their logs will clearly scream:
TIMESTAMP: 2026-03-12 14:02 UTC
CUSTOMER IP: 192.168.1.55 (You)
DESTINATION IP: 185.120.x.x (KNOWN TOR ENTRY NODE)
FLAG: ANONYMOUS ROUTING DETECTED
In oppressive regimes, simply connecting to the public Tor network is enough to flag your account for surveillance or trigger an immediate internet blackout for your household.
The ISP Perspective: VPNs vs Tor
How does this compare to running a commercial VPN?
- Using a VPN: Your ISP sees an encrypted stream of data flowing from your home IP address to a server owned by NordVPN, ExpressVPN, etc. They know you are using a VPN. They don't know what you are doing inside it.
- Using Tor over VPN: If you connect to a VPN first, and then open the Tor browser, the sequence changes completely. Your ISP sees encrypted traffic going to the commercial VPN server. They do not see Tor. The VPN server sees encrypted Tor traffic, but the VPN does not know who you are (assuming you bought it anonymously). This isolates your ISP from your Tor activity.
Defeating Censorship: Tor Bridges
If you live in a region where VPNs are blocked and Tor is illegal, you cannot connect to a public Entry Guard. Instead, you must configure the Tor browser to use Bridges (like Obfs4).
Bridges are secret, unlisted entry nodes that are not published in the main directory. Furthermore, Pluggable Transports (like Obfs4) scramble the network traffic so it doesn't even look like a Tor connection; it disguises the packets to look like random, garbled web traffic or a Skype video call, successfully bypassing Deep Packet Inspection (DPI) at the ISP level.
"Anonymity is a discipline, not software. Understand the path your data takes before you trust your freedom to it."