I had posted on the forum 5 or 6 months ago about how to make the client harder to detect. (I can't remember the title of the post atm.) So allow me to reiterate:
The post involved making the Bitcoin client select a random port to bind to and not offering a handshake upon connecting to it. Make the connecting party send the handshake. This would improve privacy a LOT.
An attacker would connect to some random port on your computer and get dead air. A valid Bitcoin client connecting to your computer would *send* a handshake to invoke a response from your computer. (Why should it volunteer to identify itself? lol?)
I also think that the Bitcoin clients should emulate what TOR has recently done (as of 3-4 versions ago). TOR's bridge system spoofs the SSL to look like Firefox connecting to Apache.
![Tongue](https://bitcointalk.org/Smileys/default/tongue.gif)
Bitcoin should do the same.
If the Bitcoin clients just looked like thousands and thousands of Firefox browsers connecting to Apaches on random port numbers it would make a passive attack (DPI) a waste of time.
The only vector for attack at this point would be someone running a valid node and looking at the IP seed files. If you are in a country where running Bitcoin is illegal you should be running Bitcoin over TOR (or some other onion/garlic network) or not running it at all.