Hacker News
by savethefuture 2427 days ago
When the vpn company is subpoenaed because someone saw suspicious traffic coming out of their servers, regardless of the number of people, the logs and connections would point directly to you.
2 comments

This only applies if their claim to keep no logs is false; some have demonstrated in court that their claim is true.
Well, like others have said before, the company most likely won't go down in flames in order to protect you. Not all, but I assume the major providers will roll over.
I would never expect a company that did log to refuse to give those logs to a court. That would be corporate suicide and executives would end up in actual prisons. I also wouldn't expect a VPN provider to refuse a court-ordered warrant to begin logging your particular traffic or something like that. So if a company has appeared in court and failed to produce any logs and the court has accepted that information as not existing, it's hard to get stronger verification than that. And that has occurred with at least a few VPN providers (while a few have provided logs to the courts, proving they log).
The better VPN providers will be set up in a way that makes it difficult to touch them in the first place, e.g. they operate from a jurisdiction that sets a high bar for forcing a company to provide customer information.
Is there a list of these somewhere that's maintained?
Thx. Maybe I missed it but I'm looking for a column: "Has proven in court they don't log."
Why not use Tor? Isn't its whole purpose to solve this problem in a trustworthy way?
I'm no expert on Tor but when I researched it years ago, it seemed like your privacy on Tor was only as safe as the exit node you happen to go through. If you're in North Korea trying to get out and happen to go through an exit node run by the NK government, they could theoretically decrypt your traffic in some cases. If all the nodes you're going through are theirs, then they know exactly who you are even if they can't inspect the traffic.

Edit: I must stress I'm not an expert, and would love to hear if the above is wrong.

No, that's not entirely true. No single node in a Tor circuit knows both who the user is and what site they are going to. In order to compromise a user's anonymity, you need to do a traffic correlation attack (where you look at packets going through both the guard node and the exit node and match up the timing of packets). There are some protections against this attack in Tor (guard nodes are not changed often by clients, relays need to be running for a long time in order to be permitted to be guards, and there is some randomised traffic sent to the guard by the client) but it is definitely not a solved problem.

But of course, if you aren't using TLS then your traffic is not encrypted as it leaves the pipe. So obviously you should use TLS over Tor.

This is more or less true. The vulnerability of Tor is certainly the exit point.

Incredibly difficult to pinpoint you as the responsible party - but that information could certainly be outputting virtually anywhere, depending on the exit node.

If you are living in a repressive regime with a lot of control over the internet backbone, Tor won't protect you.

If you read the original paper, the researchers spell out the weaknesses, many of which were made in the name of performance over security.

Tor doesn't work for torrenting and anything high bandwidth.
That's not true; it's well documented how various BitTorrent clients can work through Tor. The main drawback is that it's slower than a direct connection, but that does not mean it doesn't work...
https://blog.torproject.org/bittorrent-over-tor-isnt-good-id...

Also, when I said doesn't work, I only meant that it's not an acceptable alternative to VPNs.

I got the impression that it's considered bad etiquette to torrent over Tor.
If the choice is between my ISP logging all of my traffic for whatever purposes they choose, commercial or otherwise, or adding the hurdle of someone getting a court order to get logs of my traffic, I'll take the added hurdle every time. I'm not worried about my traffic being "suspicious" - I'm not doing anything suspicious. You also aren't limited to using a single VPN. If you value your privacy, spreading your browsing habits around to a variety of VPNs can only help you - there's no downside when the alternative is "trusting" your ISP.