Tor is far stronger against passive attackers (who merely observe traffic) than typical VPN arrangements. That's because there are so many Tor relays, and so many (more or less factorially) possible circuits, and because circuits are periodically rebuilt. It's rather like (loosely speaking) you created a multi-hop VPN setup, using servers from multiple providers, and periodically changed your setup, using different servers in different orders.

With single-hop VPNs, attackers need only observe traffic entering and exiting the VPN server. Identifying which VPN server to observe is trivial, whichever end (you or the website that you're accessing) an attacker is starting from. Once an attacker correlates entry and exit traffic, they can confirm the correlation simply by blocking one or the other. They can also request logs for that VPN server.

It's more complicated for multi-hop VPNs. Incoming connections to the VPN exit server are not merely VPN tunnels from individual subscribers. Rather, they are VPN tunnels from other VPN servers, which are carrying traffic from multiple subscribers, who are connecting through multiple entry servers. Also, those connections may involve multiple VPN providers. But multi-hop VPNs are still more vulnerable than Tor to passive attackers, I think.

However, assuming passive attackers is unrealistic, and Tor arguably becomes more vulnerable, because attackers can freely join Tor (but would need to take over VPN providers). There's a huge literature on this, and I won't even attempt to summarize it. It's my impression that deanonymizing Tor users would be harder than deanonymizing users of multi-hop VPNs. But that's really just a wild guess.

Given all that, the most secure choice is using VPNs through Tor through VPNs. But that's very slow. Using VPNs through VPNs (user-level multi-hop) is probably good enough for most of us, most of the time.