Neither a bridge nor a VPN offer perfect security, because 1. Bridges can be identified (although it is difficult to enumerate all of them because of the way they are distributed) 2. VPNs can see your entire connection, who you are (your IP address) and where you're going (the destination IP address). Even if they don't log right now, they could be compelled by LE to log your activity. However, the way to look at it is that each piece offers an additional layer of security. So, VPN + bridge + Tor > bridge + Tor or VPN + Tor > just Tor For the best (but not perfect) hiding of your Tor activity, get a VPN in a foreign country (to maximize jurisdictional issues), AND configure your Tor client to use an obfsproxy bridge. Actually, there's an even better solution, but it's more difficult to implement. Rent a VPS anonymously in another country and turn it into a private (unpublished) obfsproxy bridge. Someone watching your local internet connection won't know what the hell it is. It won't show up in the list of bridges if they enumerate those, and won't show up as a known VPN or proxy provider. The connection won't even look like a Tor connection (although the hand shake will, at least until obfs3 comes out). It will simply look like a box at a random hosting provider.