Using a VPN will not keep your browsing habits anonymous, nor will it add additional security to non-secure (HTTP) traffic.
If you are looking for anonymity, you should use the Tor Browser instead of a VPN.
-If you're looking for added security, you should always ensure you're connecting to websites using HTTPS. A VPN is not a replacement for good security practices.
+If you're looking for added security, you should always ensure you're connecting to websites using encrypted DNS and HTTPS. A VPN is not a replacement for good security practices.
If you're looking for additional privacy from your ISP, on a public Wi-Fi network, or while torrenting files, a VPN may be the solution for you as long as you understand the risks involved.
Download Tor Tor Myths & FAQ @@ -142,8 +142,11 @@ description: "Find a no-logging VPN operator who isn't out to sell or read yourIn most cases, VPNs do little to protect your privacy or enhance your security, unless paired with other changes.
VPNs cannot encrypt data outside of the connection between your device and the VPN server. VPN providers can see and modify your traffic the same way your ISP could. And there is no way to verify a VPN provider's "no logging" policies in any way.
In most cases, your traffic is already encrypted! Over 98% of the top 3000 websites offer HTTPS, meaning your traffic is safe regardless of using a VPN. It is incredibly rare for applications that handle personal data to not support HTTPS in 2019, especially with services like Let's Encrypt offering free HTTPS certificates to any website operator.
+In most cases, most of your traffic is already encrypted! Over 98% of the top 3000 websites offer HTTPS, meaning your non-DNS traffic is safe regardless of using a VPN. It is incredibly rare for applications that handle personal data to not support HTTPS in 2019, especially with services like Let's Encrypt offering free HTTPS certificates to any website operator.
Even if a site you visit doesn't support HTTPS, a VPN will not protect you, because a VPN cannot magically encrypt the traffic between the VPN's servers and the website's servers. Installing an extension like HTTPS Everywhere and making sure every site you visit uses HTTPS is far more helpful than using a VPN.
+The answer to this question is also the not very helpful: it depends. Your VPN provider may have their own DNS servers, but if they don't, the traffic between your VPN provider and the DNS server isn't encrypted. You need to trust the encrypted DNS provider in addition to the VPN provider and unless your client and target server support encrypted SNI, the VPN provider can still see which domains you are visiting.
+However you shouldn't use encrypted DNS with Tor. This would direct all of your DNS requests through a single circuit, and would allow the encrypted DNS provider to deanonymize you.
VPNs cannot provide strong anonymity. Your VPN provider will still see your real IP address, and often has a money trail that can be linked directly back to you. You cannot rely on "no logging" policies to protect your data.