Snowflake bridge metrics 2023 year in review
forum.torproject.org
This is a summary of usage of the Snowflake pluggable transport in 2023. For the previous year’s summary, see the Snowflake 2022 year in review. The primary Snowflake bridge, called snowflake-01, is supported by donations. In 2023, the Snowflake Daily Operations team paid about €4,820 in hosting expenses to keep the bridge running—with most of that going for bandwidth. In 2024, in addition to paying for bandwidth, we would like to buy new hardware for the bridge, which will enable it to support...

We can also break down users by country. The largest contingent of Snowflake users are in Iran, which has been the case since the Mahsa Amini protests in 2022 1. The graph shows also a large number of users apparently from the United States, but we believe that may be partly the result of geolocation errors, and many of them are actually from Iran. After Iran, the countries with the most Snowflake users are Russia and China.

  • @moonpiedumplings
    15 months ago

    They could. But in countries where internet access is restricted by authorities, running any more than an insignificant amount of traffic over a VPN, even protocols as stealthy as the ones that make them indistinguishable from website (http/s) traffic, can be noticable… and being noticed can get you killed.

    Snowflake, on the other hand, runs proxies to users of the snowflake browser extension, who act as entry points. It’s named so because connections are ephemeral, and last for a short time, like snowflakes. This makes it much harder to distinguish.

    It’s not only about what internet traffic, it’s also about where.

    And of course, the how is relevant too. Not many people want to spend the time to set up an ssl vpn (and multiple people using it makes it easier to spot).

    You need to understand what you’re asking when you suggest people set up their own proxy. You’re asking them to learn a skill, most likely in their free time (free time and energy they may not even have), and without many resources to learn (censored internet), and then rest their lives and livelihoods on that skill. Depending on the regime, maybe the lives of their friends and family, as well.

    Comparatively, it’s like two clicks to select snowflake as an entrypoint in the tor browser configuration options.

    • @[email protected]
      15 months ago

      I completely understand the point about Snowflake having been created for use in such scenarios.

      Your comment raised a couple of interesting points though.

      1. If governments are able to identify SSL-VPN traffic, then the VPN technology isn’t working as expected. That’s a failing from the VPN’s side in that case. One way in which I could clearly see such traffic being compromised is by logging the hops that traffic takes, and realising that everything is going through a single point, I.e. a VPN. But if one were to use a revolving VPN, that shouldn’t be a problem in theory.
      2. My original question was more in the line of “what tech does snowflake use that distinguishes itself from SSL-VPNs in terms of masking traffic?”
      3. Since you raised the point about snowflake connections being ephemeral, I’ll assume that snowflake connections are automatically rotated across available peers without the user having to set it up? However, just like with the rest of TOR, most governments can rent a bunch of cloud infrastructure and deal with deanonymising this part of the chain too.

      And let’s be honest here: TOR isn’t exactly the most private network on the planet. It’s well known that TOR devs collaborate with the 5 eyes and have backdoors built in, alongside the American agencies having access to a lot of the traffic on TOR to be able to mathematically deduce origin and destination of traffic including up to the point of clearnet IP addresses.