Changes between Initial Version and Version 1 of Ticket #10969, comment 49


Timestamp: Sep 18, 2017, 11:23:49 PM (2 years ago)
Author: cypherpunks

  • Ticket #10969, comment 49

    initial v1  
    1010> Again read the documentation to see whether it would suit your needs: https://trac.torproject.org/projects/tor/wiki/doc/PluggableTransports/SnowFlakeEvaluation
    1111
    12 I don't think I'm misunderstanding how Snowflake works. Snowflake does change the threat model for this issue a bit. Against a local-city adversary who sees only coarse connection data (4-tuples and timestamps, say) who wants to track your location, yes, I think it is probably better than using a guard even if there aren't other Snowflake users (assuming that the domain fronting and STUN hosts are commonly used in that city). If the adversary has netflow data, though, or if your adversary is at the domain fronting host, then they can presumably fingerprint you as a snowflake user (aka "that" snowflake user, when you're the only snowflake user in town). And unlike with guards, with the snowflake domain fronting host, you don't have a bunch to choose from and the ability to rotate them.
     12I don't think I'm misunderstanding how Snowflake works. Snowflake does change the threat model for this issue a bit. Against a local-city-country passive adversary who sees only coarse connection data (4-tuples and timestamps, say) who wants to track your location, yes, I think it might be better than using a guard even if there aren't other Snowflake users (assuming that the domain fronting and STUN hosts are commonly used in that city). If the adversary has netflow data, though, or if your adversary is at the domain fronting host, then they can presumably fingerprint you as a snowflake user (aka "that" snowflake user, when you're the only snowflake user in town). And unlike with guards, with the snowflake domain fronting host, you don't have a bunch to choose from and the ability to rotate them.
    1313
    1414But, more importantly, I think moreso than with any other transport, Snowflake exposes you to attacks by active adversaries who would like to become your first hop (unless I'm mistaken, it's way worse than `UseEntryGuards 0`, no?).