Coffee with VPNs, Proxys, and TOR

1. VPN (Virtual Private Network)

Imagine walking into a coffee shop, and after placing your order, you request a private booth. The barista directs you to a completely soundproof, enclosed space where you can enjoy your coffee in total privacy. No one can see you, no one can hear you, and none of the other customers in the shop even know what you're doing. When you want a refill, you simply press a button, and the barista discreetly delivers your coffee without anyone noticing. You’re entirely hidden from the public eye, and your activities inside the booth are completely secure and private.

This is how a VPN works. It creates a secure, encrypted connection between your device and the internet, like that private booth. Everything you do online is hidden from prying eyes, ensuring that no one, including your Internet Service Provider (ISP) or hackers, can see what websites you’re visiting or what data you're sending and receiving. Your online traffic is shielded, just as you are when sitting in that secluded booth.

2. Proxy Server

Now, let's imagine a slightly different scenario in the same coffee shop. This time, instead of ordering directly, you give your order to the barista and ask them to fetch your coffee for you. The barista walks over to the counter, places the order, and brings it back to you. From the perspective of everyone else in the coffee shop, it looks as if the barista is the one ordering and drinking the coffee. No one else knows that you're the real customer behind the request—they just see the barista acting as your middleman.

A proxy server functions in much the same way. Instead of connecting directly to the internet, you send your request to the proxy, which then forwards that request to the website. The website only sees the proxy's request and sends the information back to the proxy, which then delivers it to you. In this setup, your IP address and identity are hidden, but the proxy knows both who you are and what you’ve requested, acting as the intermediary between you and the website.

There is a lot i didn't get into here such as forward and reverse proxy's and proxy chaining but i just wanted to give a good relatable feel on how they work.

3. Tor (The Onion Router)

Now that you’ve got a sense of how a proxy works, let's dive into something more complex: Tor (The Onion Router). Imagine walking into the same coffee shop, but this time you decide to be extra careful. Instead of ordering your coffee directly or through one barista, you write your order on a note. You don’t hand the note to the barista yourself—instead, you pass it to a mysterious stranger sitting at a table. That stranger doesn’t know what’s in the note or where it came from, but they pass it on to another person sitting at another table. This happens again, with the note being passed through three different people before finally being delivered to the barista.

The barista prepares your coffee and hands it back to the last person in the chain. The coffee is passed back through all three people before reaching you. Throughout this process, each person only knows who handed them the note and to whom they should pass it. No one knows both where the note came from (you) and what the request is (your coffee order). The people involved can only see their small part of the exchange. Even the barista (the website, in this analogy) doesn’t know who originally ordered the coffee—they just see the last person in the chain.

This is how Tor operates. When you use Tor, your internet traffic is routed through several nodes, each one only knowing the previous and next stops in the journey. Each node peels off a layer of encryption, but no single node knows both where the traffic originated and its final destination. The multiple layers of encryption (hence "onion" in The Onion Router) ensure that your identity and activity are almost impossible to trace. To the websites you visit, it looks as though the request is coming from the last node (the "exit node"), not from you.

Putting It All Together

So, when we compare the three: with a VPN, it's like sitting in a private booth—no one can see or hear what you're doing, and everything is fully encrypted from the start. With a proxy, it’s like asking the barista to fetch your coffee—you stay hidden, but the barista knows who you are and what you want. With Tor, it’s as if your request is passed through several people, with each one only knowing a small part of the process. This ensures a high level of anonymity.

DO NOT use a VPN with TOR unless you know how to do it safely - Below are some helpful resources

VPN services and Resources

My Recommendations:

• Proton

  • This is what I use and personally use to which I am partnered with because of how strongly I believe in this service. it also has a full suite of resources like e2ee email.

  • Here is a good video with David Bombal and Andy Yen (CEO of Proton).

  • Here is a directory of all of Protons Source code including the VPN service I recommend checking it out.

  • Proton is a Swiss based company you can find their privacy policy here .

    • Here is a digestible article on Swiss laws on privacy as of 2024.

• Mullvad VPN

  • Community favorite for years it has been a go-to and highly trusted among the hacking and cyber security community's

  • Here is a great articles on why privacy matters on Mullvad's website and my go-to reference to people looking to be more privacy focused. The articles there are just so good and well put together .

  • Here is a good video from The Mental Outlaw on how mullvad accepts payments in monero crypto for extra privacy.

• Make your Own

  • I only recommend services I have tested myself if the recommendations I have listed do not align with you then I encourage you to simply make your own.
    Here are some good resources to help you with that:

    • https://youtu.be/rtUl7BfCNMY?si=LiRk_UAETmMKNo7y - Raspberry Pi

    • https://www.expressvpn.com/blog/how-to-create-a-vpn/ - Windblows based

    • https://www.freecodecamp.org/news/how-to-set-up-a-vpn-server-at-home/ - Debian Based

    • https://github.com/angristan/openvpn-install - some code I have used - note: always read your install.sh scripts

• Learn more about VPNs:

  • Networklessons.com - great quick intro article

  • How a VPN Works by animagraphs - Actual gold of a video on global networks in general, when I was first learning how the internet works this was my go-to.

  • https://en.wikipedia.org/wiki/Virtual_private_network - Wikipidia

Proxy Resources

• Manipulating the web through a Proxy

  • No Better place then PortSwigger and their product Burp Suite

• Proxys in Your favorite browsers

  • Firefox

  • Brave

• Learn more about Proxys

  • https://en.wikipedia.org/wiki/Proxy_server

  • Network Chuck - just build you own, great way to learn

  • https://www.fortinet.com/resources/cyberglossary/proxy-server

TOR Resources

• TOR Website

• The TOR blog

• Layering Proxies/VPNs with TOR