I believe what I’m about to write is correct - but would be helpful if someone else could confirm or refute.
If your adversary can observe both your entry & exit points to Tor, then they can conduct timing attacks to link traffic at both ends (as described here: How can we help? | Tor Project | Support). In practice, this is difficult because Tor randomly chooses new circuits and monitors for entities that acquire a large proportion of Tor nodes.
However, if you place a static proxy (vpn, socks, etc) at the end of your chain, it makes this attack significantly easier since your connection is long-lived and therefore, continues to use the same Tor circuit during its lifetime. Your adversary now has more chances to correlate traffic between the start and end points.
Your adversary is signficantly more powerful if they happen to be a government that also has access to the nation’s ISPs. Now your adversary no longer needs access to your entry guards, since it can view traffic patterns at your origin - your ISP. If your destination (proxy, website) is also in the same country, the government can observe the encrypted traffic as it arrives to your destination’s ISP. Tor: The Second-Generation Onion Router
Conclusions / Best practices:
- Don’t hinder Tor from doing its job by altering traffic flows. Stream isolation and circuit rotation are important.
- Don’t connect to destinations that you can’t trust to protect your privacy. If you connect to a backdoored or collaborating website, half the battle is lost. Adversary only needs to have visibility on your origin.
- It doesn’t matter how many hoops you jump through in the middle (or how many countries you route through) - it’s the ends that matter: How can we help? | Tor Project | Support
- Against an adversary with full visibility, anonymity is compromised (though of course, content remains encrypted).