Hide Tor use from the Internet Service Provider
The technical discussion which lead to this conclusion can be found here [archive]. The former version of this wiki page documenting some of the challenges in hiding Tor use from the ISP is still available here [archive].
As for hiding Whonix from network observers, this is a different subject which is covered on the Fingerprint page.
Some pluggable transports may seek to obfuscate traffic or to morph it. However, they do not claim to hide that you are using Tor in all cases but rather in very specific cases. An example threat model includes a DPI device with limited time to make a classification choice - so the hiding is very specific to functionality and generally does not take into account endless data retention with retroactive policing.
It is impossible to safely use a proxy to hide Tor. The connection between the user and the proxy is unencrypted and this applies to all proxies: http, https, socks4, socks4a and socks5.  This means the ISP can still clearly see that connections are made to the Tor network. This fact is only mentioned here because proxies are constantly (falsely) suggested as a solution whenever this topic comes up in public arenas.
- https://mailman.boum.org/pipermail/tails-dev/2013-April/002950.html [archive]
- http://www.webcitation.org/6G67ltL45 [archive]
- Comparison Of Tor with CGI Proxies, Proxy Chains, and VPN_Services
- For a reference for VPN/SSH Fingerprinting [archive] (w) [archive]. , see
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.
Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)