Countries like Iran and China routinely block public tor IP addresses, to get around this problem relays called tor bridges are not made public and only facilitated to users living in repressive countries after request. According to recent research from Internet security firm Team Cymru, China’s Great Firewall can distinguish in between normal traffic and tor traffic using SSL deep packet inspection, one factor used by the Great Firewall of China to detect tor traffic is the tor proxy SSL cipher list, in between others. Communications can not be read because they are encrypted but a bot attempts to connect to the suspected tor server IP passing itself of as a user, when it confirms it is a tor bridge via a successful connection the tor server IP is added to the list of blocked IPs in the firewall.
Iran has also been reported in the past for having an Internet censorship system able to identify the beginning of a tor proxy SSL handshake and interrupting the handshake.
Code Talker Tunnel disguises tor proxy traffic
SkypeMorh renamed Code Talker Tunnel uses traffic shaping to convert tor packets into UDP (User Datagram Protocol) traffic preventing deep packet inspection of tor data from being recognized as such. Code Talker Tunnel traffic shaping mimics the sizes and packet timings of a normal Skype video call, the developers of this tool at the University of Waterloo in Canada chose a VoIP client to hide tor traffic because the flow of data packets, sending a request and waiting for a response with a long pause during transmission resembles how a tor proxy server works.
SkypeMorph Code Talker Tunnel is a pluggable transport that will work with the own tor project developed obfsproxy a program for Mac, Windows and Linux users masking tor traffic as a different protocol specified using pluggable transports.