Mullvad has written a post about it here.

FYI

The desktop versions (Windows, macOS and Linux) of Mullvad’s VPN app have firewall rules in place to block any traffic to public IPs outside the VPN tunnel. These effectively prevent both LocalNet and TunnelVision from allowing the attacker to get hold of plaintext traffic from the victim.

Android is not vulnerable to TunnelVision simply because it does not implement DHCP option 121, as explained in the original article about TunnelVision.

iOS is unfortunately vulnerable to TunnelVision, for the same reason it is vulnerable to LocalNet, as we outlined in our blog post about TunnelCrack. The fix for TunnelVision is probably the same as for LocalNet, but we have not yet been able to integrate and ship that to production.

I gotta say, I am really impressed with Mullvad. They’re not just a VPN seller. They write security compromise bulletins regularly and as soon as vulnerabilities show up, and they actively lobby at the EU organs for more privacy laws. They really work and live their identity in every way.


A dude got caught making bomb threats at Harvard because he was the only one in his university that connected to TOR and they knew from the entry node it had to be from that area. They checked the logs and only one PC had directly connected to the TOR network from that area at that time. The guy wanted more time to study.


And a separate flash with your password database, PGP keyring and an encrypted files vault. If you need to go or to destroy/hide evidence, a flash drive is much easier, especially when the task force going after you is more worried about hard drives and laptops and usually glosses over flash drives, at least initially.


Depends on what you wanna do with TOR. If you wanna be anonymous in your regular internet browsing and torrents, go with a good quality paid-for VPN with no logs, like Mullvad or Proton. You don’t need TOR at all. You’re not worth the hassle.

If you’re trying to commit chill crimes like ordering drugs online, then you should probably look up the DNM bible. Just TOR and maybe a bridge is enough probably, if people where you live don’t use TOR. LEO can’t see your traffic but if you’re the only one using TOR in your neighborhood, it’s pretty easy to pin you.

If you’re a journalist and you’re about to piss off a powerful government, you probably need a bridge and TOR and a laptop with no hard drive. You will probably need some self-hosted machines to obfuscate your traffic, which you will need to recycle really often. You shouldn’t use a phone. You also need a lot of money and a lot of help, especially in countries that are against the country you’re pissing off. Opsec becomes a full-time job, depending on how many friends you have.

If you’re trying to run a drug empire or distribute CSAM, getting caught is merely a question of when no matter what you use, because even politically divergent countries and organizations will unite to put you in jail, even if they’re normally on the crime side of things. Nobody likes CSAM distributors and drug empires usually don’t make a lot of friends and make way too much money to keep the ones they do.


This horse has been beaten to death. There are literal computer science papers debating this specific issue. More than one even. Refuting you here is just a waste of time. Go read those much more comprehensive papers than anything that could be written here. Just use your search engine of choice and type Anonymity, TOR and VPN and watch as a world of refuting unfolds in front of your eyes. Academic, scientific, peer-reviewed, quality refuting.

At the end of the day you use whatever you feel like using. It’s your machine, possibly your freedom at stake. Go ahead, use whatever you please.