[tor-bugs] #31391 [Circumvention/Snowflake]: Block censored countries from running snowflakes

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Aug 12 13:32:43 UTC 2019 

#31391: Block censored countries from running snowflakes
-------------------------------------+------------------------
 Reporter:  cypherpunks              |          Owner:  (none)
     Type:  defect                   |         Status:  new
 Priority:  Medium                   |      Milestone:
Component:  Circumvention/Snowflake  |        Version:
 Severity:  Normal                   |     Resolution:
 Keywords:                           |  Actual Points:
Parent ID:                           |         Points:
 Reviewer:                           |        Sponsor:
-------------------------------------+------------------------

Comment (by cohosh):

 Replying to [comment:1 cypherpunks]:
 > There are even Iranian snowflakes, and guess what, they work.

 Yep, and it's not surprising that snowflakes would work in places that
 block Tor. Many places that block access to public Tor relays don't
 effectively block pluggable transports.

 There are a lot of challenges with doing something like the ticket
 describes. Keep in mind that:
 - the geoip database we use isn't perfect
 - keeping track of which proxies do and do not work in different regions
 is very difficult and as long as we have a lot of diverse snowflakes we
 probably don't need to do this (see
 https://trac.torproject.org/projects/tor/ticket/30350#comment:8)

 It might make sense to have some logic at the client to make sure they
 aren't connecting to a proxy within their own censored region for safety
 purposes, but a widespread rejection of snowflakes in all regions that
 censor public Tor relays seems both unnecessary and unfeasible. There are
 many reasons why an individual snowflake won't work well for a client in
 addition being run in a place that blocks the bridge IP:
 - the snowflake could be maliciously or due to bugs unreliable
 - the snowflake could be outside the censored region but on an IP address
 blocked by the censor

 We are working on other solutions to handle all of these problems (see
 #25429, #25723). We're going for quantity and overall quality here and
 hoping that we can have a solution for the instances in which individual
 quality suffers.

 That being said, we might say something on the web store to the effect
 that if you reside in a region that censors Tor, your snowflake probably
 won't be very useful.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31391#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list