I think you might be getting confused by “fingerprinting” there are two kinds.
-
Network based fingerpringing assumingly by a network operator such as a carrier or internet provider and is trying to determine if the data moving “is tor” or “is vpn” etc.
-
Browser based fingerprinting is typically done by the remote site, and is about similar characteristics in the user’s behavior, browser and device - that is usually then passed to an advertiser who wants to identify the same user across multiple services.
The page you reference is about the first kind and is in relation to using a VPN may not necessarily mean a network provider can’t identify you’re also using Tor as well.
An alternative link to that paper is here: https://www.freehaven.net/anonbib/cache/ccs2012-fingerprinting.pdf
Web browsing privacy mechanisms, such as SSL, Tor, and encrypting tunnels, hide the content of the data transferred, but they do not obscure the size, direction, and timing of packets transmitted between clients and remote servers
As a result, researchers have proposed several defenses, primarily aimed at hiding packet size information. For example, Tor packs all data into 512-byte cells. Other mechanisms pad packets in a variety of ways (e.g. padding to 2k bytes, or padding all packets to the MTU). Wright, et al., proposed traffic morphing, which pads and fragments pack- ets so that the resulting distribution of packet sizes appears to be from a different web page [26]. Dyer, et al. showed that all these schemes are broken [6].
Another similar article I read years ago was this one: My Experience With the Great Firewall of China (14 Jan 2016). You can expect that these systems are a lot more advanced than they were back then. China also exports the GFW to other oppressive regimes, so it’s not just in use in China. This is why some VPN providers (Mullvad and IVPN are now using v2ray to disguise their VPN tunnels