[tor-talk] Snowflake vs China
Neel Chauhan
neel at neelc.org
Sun Oct 6 17:45:54 UTC 2019
On 2019-10-02 18:37, Jeremy Rand wrote:
> The main benefit of Snowflake against this threat model compared to
> other bridge types is that Snowflake bridges are more likely to be on
> dynamic IP addresses and are more likely to have intermittent
> availability. Both of these factors mean that Snowflake bridges have
> substantially more "churn", which means they resist enumeration attacks
> substantially better than the other bridge types. (You may recognize
> this advantage as one that a previous bridge type, Flash Proxy, also
> had. Snowflake is similar to Flash Proxy in this sense, but doesn't
> suffer from the UX issues that caused Flash Proxy to be deprecated.)
However, some "dynamic" IP addresses are sticky, especially those used
by non-mobile ISPs using DHCP instead of PPPoE.
This means these IPs more or less stay the same for a period of time,
unless you change your router MAC, but the ISP reserves the right to
change them anyways when the network changes without notice, unlike
"static" IPs which ISPs try to avoid changing unless they have to.
Heck, because of "sticky" IPs, many people with FTTH have "guard" relays
(including myself).
But for Snowflake, this could be an issue because a country like China
could block a residential IP for a while if they enumerate. However,
Snowflake bridges are usually short lived so IPs come and go and it's
harder to block (but don't assume it's unblockable, there's deep packet
inspection and machine learning).
-Neel
===
https://www.neelc.org/
More information about the tor-talk
mailing list