Quote from: j789745 on November 25, 2011, 06:49 pmYour ISP is capable of seeing that you're using TOR, just not what you're doing with it. Yeah, not so true.Tor disguises itself as SSL traffic, and Iran recently figured out that their Cert expiries were too short-term, and used that to recognize and block Tor traffic.Tor devs responded the same day.From ames on the Tor dev blog:QuoteHow did the filter work technically? Tor tries to make its traffic look like a web browser talking to an https web server, but if you look carefully enough you can tell some differences. In this case, the characteristic of Tor's SSL handshake they looked at was the expiry time for our SSL session certificates: we rotate the session certificates every two hours, whereas normal SSL certificates you get from a certificate authority typically last a year or more. The fix was to simply write a larger expiration time on the certificates, so our certs have more plausible expiry times.There are plenty of interesting discussion points from the research angle around how this arms race should be played. We're working on medium term and longer term solutions, but in the short term, there are other ways to filter Tor traffic like the one Iran used. Should we fix them all preemptively, meaning the next time they block us it will be through some more complex mechanism that's harder to figure out? Or should we leave things as they are, knowing there will be more blocking events but also knowing that we can solve them easily? Given that their last blocking attempt was in January 2011, I think it's smartest to collect some more data points first.And keep in mind they are talking about filtering out Tor traffic, not identifying it exactly. There are other ways to filter out Tor traffic, but that also takes out other important, business like traffic, and even Iran is hesitant to do that.Your ISP will have no idea you are using Tor, although they could say you *might* be, or maybe you just have a lot of SSL traffic, or a VPN, or encrypted transport torrents...