by pfundstein 1683 days ago
I'm not sure if you're aware but Tor has a specific mode for OP's situation, where it disguises traffic by using standard TLS on standard ports which looks no different to any other HTTPS traffic for example, among other things.

> which looks no different to any other HTTPS traffic

Last I heard Tor split all data up into 512 byte chunks. So the statistical distribution of packet sizes could still give you away.

In general, Tor does not hide the fact that you are using Tor.

I think the end solution is not to have Tor replicate normal randomish usage, but to have normal usage from everything go through a Tor-like process so that everyone looks the same.

That would require active participation of major entities who distribute HTTP clients, such as Mozilla, Apple, or the Chromium team. I cannot imagine them participating.

What mode is that?

Also, the traffic still goes to a Tor node.

Finally, the Tor Project works very hard, but they are outgunned. Security is significantly a matter of resources. Tor's small team has a hard time competing with well-funded state security actors (who can also buy exploits).

Obfsproxy.

You can also use bridges, which are unlisted Tor nodes.

https://support.torproject.org/censorship/censorship-7/

FWIW, Tor is maintained by the US Navy as a means of secure communication. If it's outgunned, it becomes a national security risk.

I think this is an exaggeration. The Tor technology was originally invented by researchers with the U.S. Naval Research Laboratory, who suggested that the system might be useful to Navy personnel among others. While Paul Syverson, one of those researchers, has remained involved with Tor since inventing it, no one from the Navy has ever publicly stated how or to what extent Tor is used by the military operationally.

Military researchers invent a lot of cool stuff, much of which theoretically could be useful to the military in some way, but you shouldn't take the military research pedigree as proof that something is necessarily useful for a particular application or threat model today, any more than being invented by people from a famous university means that a technology is good or is the best choice for some application.

A better case for the kind of considerations you mention might be found in infosec guidance that government agencies offer to other government agencies and contractors. For example, NSA has recommended that government agencies use AES to protect sensitive data, which doesn't mean that they think it's perfect (or would necessarily tell us if they knew of problems with it), but presumably puts some kind of cap on how bad it can be. I'm not aware of any government infosec authority that has publicly recommended that people inside the government use Tor.

The US Navy uses SIPRNet [1] for secure communication.

[1] https://en.wikipedia.org/wiki/SIPRNet

Very different concept from Tor -- this is about passing sensitive information between dedicated government facilities, not about hiding some of the details of your activity on the public Internet.

The argument for Tor's benefit for military personnel (which may or may not have panned out in practice) was all about protecting some of their activity on networks controlled or at least monitored by their adversaries. That's almost the opposite of SIPRNet.