Ive used Tor. Tor is fully compromised by fbi and probably other intelligence orgs by owning the exit nodes. However unless youre doing something worth burning fbi assets and time on, then you are completely anonymous

VPNs are nice so your ISP doesnt doxx you, or to bypass location dependent filtering

What are we referring to

How could I get doxxed through this thingy

Your ISP is not going to casually doxx you but their threshold is lower than fbi. They can also be subpoened.

Bottom line. Dont do stuff thats illegal and VPN should be sufficient.

Thanks for the fast response. @Perihelion - CA @Mark Vandal hope that helps you out bro

It should be noted you can always give away your net identity using compromised browser or just doxxing yourself, e.g. start tor then login to google account in chrome.

for almost all purposes though, this isn't an issue

One big note about Tor. You can deanonymize yourself through sloppy browser usage. Basically if you start a session with a site before activating the onion protocol, and then activate it, your browser is going to keep the session open basically telling them: "HEY REMEMBER THAT GUY WHO WAS JUST HERE? YEAH? YEAH, I'M THAT GUY! YEAH MAN I'M TOTALLY THAT GUY." Don't do this.

best practice is use a browser dedicated to the onion protocol that starts tor on startup

spoilers: the darknet is pretty boring and mostly edgy larp

Privacytools.io read it

IP can give a lot of info even without ISP's cooperation. See this article: https://askleo.com/finding_the_owner_of_an_ip_address/

VPN will prevent this information from being disclosed.

@Mark Vandal going to have to disagree with @Perihelion - CA here. I think you should look up how TOR works, it's not complicated and I think you will see why I think it is the best method for privacy. All a VPN does is route all your traffic through a 3rd party so if they are compromised for whatever reason then all your privacy goes out the window. That can't happen with TOR because no one along the traffic route knows what is the information they are carrying and who it is going to or where it came from.

Sort of. You can be de-anonymized by compromised tor exit nodes. The FBI has done this. But as long as you're not trying to break the law in a way FBI is going to burn assets on, this isn't a problem.

VPN is pretty safe for all legal uses. Unless their management is corrupt (possible you must do your research), then they have to be subpoenaed to compromise you and some don't even keep sufficient records to comply with a subpoena.

neither technique is going to help you if you login to your google account in chrome though

If you use a VPN to login to twitter, twitter is going to see the VPN IP address. All they'll know is that you're a customer of that VPN plus whatever meta data your browser discloses. However if you login to that same twitter account from your android phone without a VPN at a later date, chances are that can be used to pinpoint your location or find your smartphone ISP (phone company).

One thing to keep in mind is that all this cross tabulation takes a lot of work and most people are not going to do it unless you really rustle their jimmies.

@Perihelion - CA As long as they have a no logs policy, you should be good. Nord VPN can even do Onion routing for your traffic.

that's nice but the single weakest point in a VPN is the owners

not sure who the nordVPN owners are and neither does anyone else on clear net apparently

of course someone knows who they are

anyhow, there's no such thing as perfect security

You are safe if:
Cost to de-anonymize you > cost of letting you stay anonymous

Agreed, their secrecy may be to avoid pressure from authorities or they could be glow in the dark. I just know their jurisdiction country is Panama which is outside of fourteen eyes.

If you are worried about state level actors then you're asking the wrong people for security advice.