[tor-bugs] #29734 [Obfuscation/Snowflake]: Broker should receive country stats information from Proxy and Client

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Mar 13 02:31:18 UTC 2019 

#29734: Broker should receive country stats information from Proxy and Client
-------------------------------------+---------------------------
 Reporter:  cohosh                   |          Owner:  cohosh
     Type:  enhancement              |         Status:  assigned
 Priority:  Medium                   |      Milestone:
Component:  Obfuscation/Snowflake    |        Version:
 Severity:  Normal                   |     Resolution:
 Keywords:  snowflake, geoip, stats  |  Actual Points:
Parent ID:  #29207                   |         Points:  1
 Reviewer:                           |        Sponsor:  Sponsor19
-------------------------------------+---------------------------

Comment (by dcf):

 Replying to [comment:3 cohosh]:
 > Are we already collecting per-country usage stats for snowflake bridges
 (as we do for other types of bridges)?

 Yes, this was #18628. How it works is, the snowflake proxy forwards
 ([https://gitweb.torproject.org/pluggable-
 transports/snowflake.git/tree/proxy/proxypair.coffee?id=88f282c7334f9ee76dccbf9b84dc7bcf0b39cd5b#n98
 proxy], [https://gitweb.torproject.org/pluggable-
 transports/snowflake.git/tree/proxy-
 go/snowflake.go?id=88f282c7334f9ee76dccbf9b84dc7bcf0b39cd5b#n235 proxy-
 go]) the client's IP address to the bridge in a `client_ip=` URL query
 parameter. Then the server [https://gitweb.torproject.org/pluggable-
 transports/snowflake.git/tree/server/server.go?id=88f282c7334f9ee76dccbf9b84dc7bcf0b39cd5b#n160
 parses it] and passes it to tor in the `pt.DialOr` call. It's similar to
 what we worked out for meek, which was #13171.

 I don't think that Snowflake has enough users to show up on any of the by-
 country graphs at Tor Metrics, but you can see the stats in the uploaded
 descriptor files. Example: https://collector.torproject.org/archive
 /bridge-descriptors/extra-infos/bridge-extra-infos-2019-02.tar.xz
 {{{
 $ tar -O -xf bridge-extra-infos-2019-02.tar.xz | grep -A 24 '^extra-info
 flakey 5481936581E23D2D178105D44DB6915AB06BFB7F$' | grep -E
 '^dirreq-v3-reqs '
 dirreq-v3-reqs ru=16,tr=16,ae=8,cn=8,gb=8,je=8,us=8
 dirreq-v3-reqs tr=24,cn=16,ae=8,je=8,nl=8,ru=8,us=8
 dirreq-v3-reqs tr=16,cn=8,gb=8,ru=8,us=8
 ...
 }}}

 > If so, this might give us what we need automatically for noticing WebRTC
 filtering. Especially at the moment where there is one broker and one
 bridge, if clients are able to connect to snowflake proxies, there
 shouldn't be any '''censorship''' related reason that they cannot connect
 to bridges.

 This logic makes sense to me.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29734#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list