| Snowflake | |
|---|---|
| Image: user interface for the Snowflake browser extension | |
| Original author | Serene |
| Developers | The Tor Project and community |
| Initial release | January 24, 2017 [1] |
| Repository | |
| Written in | Go, [2] [3] JavaScript [2] [4] |
| Included with | Tor Browser, [1] Orbot [1] |
| Predecessor | Flash proxy [1] |
| Type | Internet censorship circumvention, [1] Overlay network [citation needed] |
| License | 3-clause BSD License [5] [4] [6] |
| Website | snowflake |
Snowflake is a software package for assisting others in circumventing internet censorship by relaying data requests. Snowflake proxy nodes are meant to be created by people in countries where Tor and Snowflake are not blocked. [7] People under censorship then use a Snowflake client (packaged with the Tor Browser and Onion Browser) [8] to access the Tor network, using Snowflake relays as proxy servers. Access to the Tor network can in turn give access to other blocked services (like blocked websites). [7] A Snowflake proxy can be created by either installing a browser extension, installing a stand-alone program or browsing a webpage with an embedded Snowflake proxy. The proxy runs after the user has voluntarily enabled it and the browser or program is connected to the internet.
In contrast to regular VPNs and proxy services, creating a Snowflake proxy does not require port forwarding or having a dedicated IP address, [1] with simply installing a browser extension being enough most of the time. The ease and accessibility of creating proxies increases the difficulty of blocking their IP addresses due to the large number of them in existence. [1] [9]
As of 2024, Snowflake proxies are hosted on about 140000 unique IP addresses concurrently. [1] The average number of users that use Snowflake to connect to Tor is 35000 and 29 TB of their traffic is relayed by Snowflake proxies daily. [1]
Snowflake was originated by Serene, a hacker and former Google engineer and concert pianist. [10] It was inspired by Flash proxy, a similar censorship circumvention system. [11] The name "Snowflake" was coined as her metaphor for a large number of ephemeral proxies [7] in relation to "ICE Negotiation". [11] Three programmers published the first version in January 2016. In 2019, it became available as a browser extension for Firefox and Chrome. [7] It can also be run on derived browsers, such as Brave and Microsoft Edge. [12] [8] In February 2023, a thoroughly upgraded, stand-alone version dubbed Snowstorm was released. It is written in Rust and funded by the Open Tech Fund, and beta testing is by invitation. [13] [14]
Normal internet data packets come labelled with the original source and the final recipient of the data. For example, a packet containing the encrypted text of a website would be labelled with the destination (the IP address of the reader's computer), and the source (the IP address of the website's server). [15] [16] This means that even if the actual content is encrypted, a censor can identify and block all packets from certain sources. [17] [18] [19]
The Tor network can be used to access such blocked sites [16] by acting as a proxy, covering the real destination address of the user's request. [20] [21] In order to prevent circumvention, censors may try to disable direct access to Tor by blocking connections to its relays, which are publicly known. [16]
Snowflake provides covert, indirect access to Tor. [1] A Snowflake client is provided with the IP address of a currently-active Snowflake proxy by asking a broker server, [8] [22] which in turn uses domain fronting to pretend to be a major website. The client then talks directly to the Snowflake proxy, which relays into the Tor network. The traffic looks like ordinary peer-to-peer traffic, such as that used by many videoconferencing apps. [22]
A Snowflake proxy runs whenever the browser or program is connected to the internet. If the proxy host has a dynamic IP, the proxy will change its IP address over time. [10] [8]
Snowflake proxies are thus used as Tor entry nodes, not as exit nodes. Tor exit nodes might face legal action in the country in which they are hosted if they relay content that is illegal in that jurisdiction. It is unlikely that Snowflake proxy hosts could face such liabilities, since they do not know what content they are relaying. [10] There are, however, countries where using Tor for any purpose is illegal, such as Russia and Iran. [23]
```html
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
```
— snowflake.torproject.org, HTML code to add a togglable Snowflake relay to a webpage
Snowflake uses WebRTC to allow browsers to communicate directly with one another. [8] Either installing a browser extension, or keeping a tab open to a webpage with the right embedded code, causes one's browser to act as a proxy. [7] Embedding a Snowflake badge in a website allows visitors to make their browser into a proxy, exactly as installing the extension does, but by clicking a button on the website rather than by installing software. [24] Snowflake can also be run as a stand-alone program in a Docker container. [8]
Proxying traffic increases the proxy host's bandwidth usage, which may be a problem for those with bandwidth limits on their internet plans. [10] In practice, hosting a Snowflake proxy does not seem to appreciably slow one's internet connection [12] or disrupt browsing. [8]
Countermeasures believed to be currently in use against Snowflake from Russia include browser fingerprinting Snowflake hosts and then blocking them. Censors may also install and use Tor, then block all the IP addresses offered as Snowflake servers. Both of these techniques are weakened when there are larger numbers of servers. [25]
Censors may attempt to block the broker's IP address. To circumvent this, the Snowflake client utilizes domain fronting. This makes it infeasible for the censor to block a single website without blocking all the other websites hosted on the same cloud service. Google Cloud Platform and Amazon's AWS are examples of services that host hundreds of thousands of websites. Blocking all the servers of one of these major hosts would have disruptive side effects. [22] However, the cloud provider can and often does block domain fronting. [26] [27]
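The two views of a domain-fronted request described above, as an added Go example (not code from Snowflake or the Tor Project): an on-path censor can match only the cleartext TLS SNI, while the cloud edge routes on the encrypted HTTP Host header and can disable fronting by requiring the two to match. All host names, origin names and function names are constructed placeholders.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// Request models the two names carried by one HTTPS request (placeholder hosts only).
type Request struct {
	SNI  string // TLS ClientHello server_name: cleartext, seen by an on-path censor
	Host string // HTTP Host header: inside TLS, seen only by the cloud edge
}

// canon lower-cases a name and strips any port and trailing dot.
func canon(h string) string {
	if host, _, err := net.SplitHostPort(h); err == nil {
		h = host
	}
	return strings.ToLower(strings.TrimSuffix(h, "."))
}

// CensorBlocks is the on-path view: only the SNI can be matched against a blocklist.
func CensorBlocks(r Request, blocklist map[string]bool) bool {
	return blocklist[canon(r.SNI)]
}

// EdgeRoute is the cloud edge's view after terminating TLS: it routes by Host.
// With enforceMatch set it refuses requests whose SNI and Host differ, which is
// how a provider turns domain fronting off (modelled here, not a provider API).
func EdgeRoute(r Request, origins map[string]string, enforceMatch bool) (string, error) {
	sni, host := canon(r.SNI), canon(r.Host)
	if enforceMatch && sni != host {
		return "", fmt.Errorf("rejected: SNI %q does not match Host %q", sni, host)
	}
	if origin, ok := origins[host]; ok {
		return origin, nil
	}
	return "", fmt.Errorf("no origin for host %q", host)
}

func main() {
	blocklist := map[string]bool{"broker.example": true} // constructed censor blocklist
	origins := map[string]string{"broker.example": "broker-backend"}
	fronted := Request{SNI: "www.bigsite.example", Host: "broker.example:443"}
	origin, _ := EdgeRoute(fronted, origins, false)
	_, err := EdgeRoute(fronted, origins, true)
	fmt.Println(CensorBlocks(fronted, blocklist), origin, err)
}
```

The fronted request passes the SNI blocklist and still reaches the broker's origin, until the edge enforces the SNI/Host match.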
If overseas connections from data centers are allowed, but residential and mobile services are restricted to local connections, then Tor bridges may be secretly and illegally set up in local data centers. [28]
When a state shuts down access to foreign internet connections altogether, essentially cutting the country off from the global internet, Snowflake and other internet anonymity tools are defeated. [10] This method has been applied by countries such as Iran, Ethiopia and Belarus, although it can carry a severe negative impact to the economy (in Iran in 2022, the cost was estimated at $37 million US a day [29] ), so these interventions are usually restricted to short periods of time. [10] [30]
Snowflake came to be widely discussed online in the first week of October 2022, as a way of combating internet restrictions in Iran during the Mahsa Amini protests, [10] and a guide in Persian was released. [31] [22]
In 2022, the Russian government increased efforts to block access to Tor through technical and political means, and the Tor network reported an increase in traffic from Russia using Snowflake. [25]
Snowflake is integrated into the Tor network. Usage of the Tor network is becoming more common in Russia, Belarus, and Iran, as of 2022, as internet censorship in these countries has become more strict. [12]
Why is this called Snowflake? It utilizes the "ICE" negotiation via WebRTC, and also involves a great abundance of ephemeral and short-lived (and special!) volunteer proxies