i have a ? does the ISP know what websites i've been too? do they know what i google? do they know exact url like https://www.wilderssecurity.com/newthread.php?s=9&do=newthread&f=42 or just that i'm at https://www.wilderssecurity.com
Your ISP knows the exact URL you have visited. The exception is if you go to a secured site, in which that would be a https:// address. HTTPS indicates a site which you will communicate with encryption (either SSL or TLS). In this case, your ISP will only see the visit to the original https site, but nothing else until signed off of that site. TOR, JAP or a VPN are solutions to surfing with your ISP being left out of the loop.
can they see specific things? like images, and what i said in thi psot? i feel like a satellite dish is right over me, watching everything i do,
Uh, yes, they can. They probably wouldn't bother unless they have something against you, but technically, they very much can (again, unless you are communicating through an encrypted channel, like https).
How does TOR compare to JAP in your opinion? Advantages of either, Why would you choose one over the other?
All unencrypted traffic you view (or send) is the equivalent of sending a postcard. The postal service HAS to be able to read the address to send it where it wants to go. They *could* also read the card. Encrypting using HTTPS it is like sending a letter. Your content is within the envelope - it can't be read by the casual observer. So - if your question means is it legal for your ISP to know - with most protocols, they have to in order to provide the service. If your question means is it legal for them to snoop - I guess it depends on your jurisdiction, privacy laws and the agreement you have signed. I we some support last year for an email company that had 100,000+ users. Technically, we could have isolated any account, read mail, hid or redirected it as we wanted, copied it and sent it on to a third party. That is the degree of trust that you place in the email provider - you have to trust that they will not do that, even though they can. Google's adwords may scan the text of your email to help with ad placement. Usually, humans will never ever look at your account unless there is a compelling reason to do so.
So if an attacker found my i.p. and they did a portscan, but i was using tor would that affect my machine, or the server?