If I have understood well to avoid these scenarios
scenario 1)
- a) User uses VPN IP A on the host, thereby using it as it’s first relay.
- b) User’s Tor client happens to pick a Tor exit relay running on VPN IP A.
- Conditions a and b match at the same time. The user is now using the
same IP as first and last proxy.
–> By using the VPN the user did not get more, but less secure.
different scenario 2)
- a) User sets up a VPN inside Whonix-Workstation. Thereby that results
in user -> Tor -> VPN -> internet. Using VPN IP A.
- b) A Tor entry guard is being hosted on VPN IP A.
- Conditions a and b match at the same time. The user is now using the
same IP as first and last proxy.
–> By using the VPN the user did not get more, but less secure.
*Choose a VPN that doesn’t resell his servers
*Use a VPN that has used by few tor users
*Use/Create a “personal” VPN that nobody can use