Quote from: impatiens on September 13, 2012, 10:51 pmHIwhile using Tor allows us to use the web anonymously, can it still be seen by those looking that I was on Tor (and when and for how long) even though they cannot tell who I am on Tor or what I am doing?ThanksThat is correct. We aren't saying it is done, only that it can be done. Without actual detective work, this could become, ah, expensive.There are two issues.1. Tor traffic uses TCP and looks a bit like SSL traffic, but the size of the packets (actually cells in Tor terminology I think) is not consistent with SSL packets, so it is possible detect traffic heading to the Tor network. You can avoid DPI (deep packet inspection) techniques to find Tor users by using Obfsproxy.DPI is used by surveillance states to spy on their civilians. Think of it as a preemptive search warrant. It should illegal, but the public haven't a clue what's really going on. They don't realize it's the equivalent of the state knowing the exact contents of all their snail mail (but without opening it). Worse yet, they intend to store this information for years with the insane data retention programs they are currently devising. It makes the Stazi look like innocent doe eyed kindergarden pupils. The consequences of this are unbelievable. One day people will rue the day they didn't understand this was going on, but I shall not be one of those people. The concept of Anonymity vs Identity is going to become a very political issue in the mainstream, I think that is an understatement if anything.2. The entry node (entry guards) are not secret information. (These are the computers you connect to in order to enter the Tor network) So if your ISP sees you connecting to them, it knows you're using Tor. This can be avoided by the use of bridges. Read the Tor documentation in 'Help' for setting up a Tor public bridge, it is trivial to do (go to https://bridges.torproject.org, copy paste the bridges into "Settings -> Tick my ISP prevents me using Tor and enter into the box that appears"). Ideally you should use private bridges, but that's another story. You should be using ~3 bridges with SSL (denoted by IP address with port 443 such as 123.123.123:443) but not dozens or hundreds of them (or you'll eventually wind up on a bridge run by the adversary). Ideally you want just 1 permanently on bridge, what is called a persistent entry guard, which is where private bridges come in.1. If the enemy knows you are connecting to the Tor network, it knows who you are but not what you are doing.2. If the enemy then uses a timing or statistical attack on exit node traffic, it then knows what you are doing.Together, both elements blow your anonymity sky high.This does not however, apply to the hidden services in onionland because using these services does not involve the use of exit nodes (or DNS since you're not on the web, which means the web could be DNS blocked (unless you have memorized the IP addresses for all the sites you visit) and Tor would still work, cool huh?).Better yet, do all the above (private obfsproxy bridges), and run Tor which connects to those private obfsproxy bridges remotely at the other side of the globe. Then aircrack some wifi networks in order to connect to that remote machine. That would be a helluva step by step tutorial. Anybody up for it? ;)--kmfkewm/shannon and others, can you check the above to doublecheck what I'm saying is basically correct about the Tor network and the semantics are appropriate? I do not wish to be passing on misleading/inaccurate information accidentally, thanks.impatiens; if there is anything unclear, ask questions, this is after all an agora.If anybody wants lots more information there is a website par excellence:http://en.flossmanuals.net/bypassing-censorship/Read all of it! Lulz. But seriously, it's a fine site and more people should read it.