There is some way ssl strip occurs and multimedia streaming is blocked whether or not a vpn or tor or sandboxing or virtualization and a combination of all of these are used. That would mean some fundamental, near bare metal way of attacking TLS and codecs.
I will focus on tor for now. I understand that it is sometimes wise to obfuscate tor use from an ISP with bridges or tor through a VPN. I’ve read about ways to deanonymize entry guards based on using tor at multiple access points instead of just one or in one area. I’ve also read about exit nodes using SSL strip. So, I am thinking there must be a way to deanonymize due to how the circuit is built depending on use of obfuscation and connection through multiple access points. Otherwise, there must be unknown side channels that can attack bare metal protocol formations. Can someone explain the causes of what I am observing and unpack the recommendations for obfuscating that would preserve the highest entropy?