How to stay Anonymous online in 2020: VPN, TOR, WHONIX & TAILS

In many applications including surfing the internet, chatting, sending confidential documents anonymity has become a necessary and legitimate desire. A piece of information can be encrypted by using many encryption techniques, but it will only give you the encrypted content and will not hide your identity because It is still possible to know the source and destination of the communicating end.  Anonymity in a business network can be devastating as it can make an organization vulnerable to security risks, liability and potential litigation and it is very useful for your competitor to know your moves. Moreover many renowned big companies like Amazon, Microsoft, and Google have collected your personal information in order to serve up targeted ads.

There is nothing wrong to be anonymous and controlling your own personal privacy if you are doing the legitimate business. Several ways are present to ensure your privacy while browsing the internet


VPN is the acronym for the Virtual Private Network, a technology that allows you to connect to one or more computers by using a private network from public internet connection. Your IP (internet protocol) address is the prime identity number that Internet provider assigns your computer to let you go anywhere on the Internet. It’s exactly like the house number on your home.  It masks an IP address so all online activities are virtually untraceable from any one. User’s initial IP address is replaced with one from the Virtual Private Network provider so that a communication take place without being tracked, monitored, and identified.

Why VPN is called a network because you’re using a special network of VPN servers that covers the entire globe.

How does VPN Work?

VPN works in a way to bypass censorship by creating a pathway within a client and server ends with different control points through which data packets travel. When using a VPN an encryption and authentication layer is applied to that pathway in order to protect the traffic and data packets travel. Data packets travel through virtual, private and secure channel. This technique is called VPN Tunneling which creates a secure communication channel within network of computers.

How does VPN work

Drawbacks of VPN

For end-device users, VPN might be an easy set up since you just need to download your VPN application and install it on your device but it has the drawback of being monitored from VPN service providers as they allow you to use their private servers in exchange for your data. There have been cases where VPN service providers are monitoring the data from their users for their own benefits in that way your communication is not all private but be monitored by service providers.

What is TOR?

The Onion Router (TOR) is a free and open-source software for enabling anonymous communication. It is designed to stop people tracking your browsing habits including government agencies and corporations. The name (The Onion Router) refers to the way that Tor protects your data by wrapping it in multiple layers of encryption like an onion.

How does TOR work?

TOR Browser routes all web traffic through the TOR network, making it anonymous. As the image below shows, TOR consists of a three-layer proxy, like layers of an onion. At first, TOR Browser connects at random to one of the publicly listed entry guards, bounces that traffic through a randomly selected middle relay, and finally directed the traffic through the third and final exit relay.

how does tor work

Drawbacks of TOR

One of the drawbacks of TOR browser is that your ISP can see that you’re connected to TOR hence it can draw attention to you. Although, your ISP can’t see your activities but it will raise suspicion about what you’re doing.

Another drawback of using TOR browser is that it only hides traffic going through TOR network and won’t anonymize other apps on your computer hence not completely giving the concept of anonymity.


Whonix is a Debian based Linux operating system used to provide anonymity, privacy and security on browsing the Internet. It consists of two main components i.e. Whonix workstation and Whonix gateway.

Both components are VirtualBox virtual machine appliances, so as to run it on any operating system that has VirtualBox.

How Does Whonix Work?

At first the Whonix workstation and gateway are configured on host machine. Workstation consists of the desktop application, routes all of its traffic to the gateway which is connected to the workstation. The gateway is further connected to the TOR network for accessing the internet. Whonix gateway is the only way for the workstation to transmit the information through internet because the workstation is an isolated machine and it has no idea about its own host IP and configuration.

From the image we can see that all the traffic that is directed through the gateway is TORrified while the traffic from the host machine in non TORified.The host machine does not participate in the Whonix private network and that is why continues to use its normal internet connection.

how does whonix work

It is a huge advantage of isolating the workstation from a network to keep an IP address private even if any application in a Whonix workstation is compromised, it is almost impossible to reveal your IP because it does not know your IP.

Drawbacks of Whonix

Although Whonix provides transparency of your IP address, it has a notable disadvantage in terms of physical security. If your host machine is ever compromised, all the stored personal information and your internet browsing activity could be discovered easily.


If your goal is to leave no trace of every activity you did on the host machine then choose Tails. Tails or The Amnesic Incognito Live System is a live Debian based linux operating system that aims to provide privacy and anonymity. You can start TailsOS on almost any computer from a USB stick or a DVD. Tails sends its traffic by using TOR network, leaving no trace on the system you are using.

Live means it runs on the medium typically a USB, immediately upon starting the system. The entire operating system lives on that USB. All you have to do is first download the live operating system, write it on a USB, insert it to the system, after turning it on you will get a live operating system simply boots from a USB device.

tails OS linux

The portability of TailsOS solves the problem of physical security as if your USB device ever gets lost or compromised, there will be no personal information present on that USB as well as the system on which you have inserted that USB and nothing can be learned about your specific usage.

And The Winner Is?

As we have seen there are many techniques and tools available to hide a person’s identity while browsing the internet. The above mentioned techniques provide anonymity at some point and has some notable drawbacks which can lessen the degree of anonymity so by comparing VPN, TOR, WHONIX and TAILS, the technique that is said to be the best practice for providing complete anonymity as well as safe and secure communication is TAILS as it gives you complete security for traffic transmission, privacy of identity and the physical security.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...