Opened 8 weeks ago

Last modified 3 weeks ago

#31250 needs_information task

Purchase new snowflake domain to fix "safe browsing" issue

Reported by: phw
Owned by:
Priority: High
Milestone:
Component: Circumvention/Snowflake
Version:
Severity: Major
Keywords:
Cc: cohosh, dcf, arlolra, phw, saint
Actual Points:
Parent ID:
Points: 2
Reviewer:
Sponsor:

Description

*.bamsoftware.com is currently marked as "unsafe" by Google's "safe" browsing system, which breaks in-browser snowflake proxies. We don't know what caused this decision. It's probably a false positive because of an educational article but it may be snowflake itself. We are still waiting to hear back from Google.

We cannot transition the system to a torproject.org domain because if snowflake itself was the issue, we may end up getting torproject.org marked as unsafe too. Besides, our sysadmins may not like providing a domain for a system they don't control.

As a temporary solution, we could purchase another domain and transition to it. Examples are:

  • snowflake.best
  • snowflake.rocks
  • snowflake.world
  • snowflake.army

Child Tickets

Change History (18)

comment:1 Changed 8 weeks ago by arma

$ host snowflake.freehaven.net
snowflake.freehaven.net is an alias for snowflake.bamsoftware.com.
snowflake.bamsoftware.com has address 37.218.242.151
snowflake.bamsoftware.com has IPv6 address 2a00:c6c0:0:151:4:8f94:69f5:7c01

$ host snowflake-broker.freehaven.net
snowflake-broker.freehaven.net is an alias for snowflake-broker.bamsoftware.com.
snowflake-broker.bamsoftware.com has address 37.218.240.96

Feel free to give these a try. We can use them for the medium term until we learn more about whether it was the woot paper that caused the trouble, or snowflake. (And if it was snowflake, ok I guess I will now have two domains to ask the safe browsing team wtf about.)

Long term, once we've resolved the zip bomb question, I think using a cname in the torproject.net domain will be a fine choice.

comment:2 Changed 8 weeks ago by dcf

I configured the hosts to recognize the freehaven.net names.

On the broker, in /etc/service/snowflake-broker/run, I changed --acme-hostnames snowflake-broker.bamsoftware.com to --acme-hostnames snowflake-broker.bamsoftware.com,snowflake-broker.freehaven.net and ran sv restart snowflake-broker.

On the bridge, in /etc/tor/torrc, I changed --acme-hostnames snowflake.bamsoftware.com to --acme-hostnames snowflake.bamsoftware.com,snowflake.freehaven.net and ran service tor restart.

So if we want to go ahead with this plan, all that's needed is changing the broker and bridge addresses in the proxy code, and redeploying.
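
The steps in comments 1 and 2 (a CNAME pointing the freehaven.net names at the bamsoftware.com hosts, plus the extra --acme-hostnames entry so the served certificate covers the new names) are easy to get half right: the alias resolves but the certificate still only lists the old name. The script below is an added check, not code from the ticket or from the Snowflake project. It assumes both the broker and the bridge serve their ACME-issued certificate on TCP 443 (the ticket does not state the port), and its offline-testable helpers operate on the dict shape that Python's ssl.SSLSocket.getpeercert() returns.

```python
"""Verify that an alias hostname is ready to replace the original name:
  (1) alias and original resolve to the same set of addresses (CNAME in place), and
  (2) the certificate served on the alias lists every expected name in its
      subjectAltName (the server's --acme-hostnames list was updated).

Hostnames in main() are the ones from the ticket. Port 443 is an assumption.
"""
import socket
import ssl
from typing import Iterable


def addresses(hostname: str, port: int = 443) -> frozenset:
    """Resolve a name to the set of IPv4/IPv6 addresses it maps to."""
    return frozenset(
        info[4][0]
        for info in socket.getaddrinfo(hostname, port, proto=socket.IPPROTO_TCP)
    )


def fetch_cert(hostname: str, port: int = 443, timeout: float = 10.0) -> dict:
    """Do a verified TLS handshake and return the peer cert as getpeercert() gives it.

    wrap_socket() already fails if the cert does not match `hostname`; we still
    inspect the SAN list afterwards so the report says which names are missing.
    """
    ctx = ssl.create_default_context()
    with socket.create_connection((hostname, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=hostname) as tls:
            return tls.getpeercert()


def san_dns_names(cert: dict) -> set:
    """DNS entries of the subjectAltName extension, e.g. {('DNS', 'a.example'), ...} -> {'a.example'}."""
    return {value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"}


def name_covered(hostname: str, san: Iterable[str]) -> bool:
    """Exact match, or a single-label wildcard in the leftmost label (RFC 6125 style)."""
    host = hostname.lower().rstrip(".")
    for pattern in san:
        pattern = pattern.lower().rstrip(".")
        if pattern == host:
            return True
        if pattern.startswith("*.") and "." in host and host.split(".", 1)[1] == pattern[2:]:
            return True
    return False


def missing_names(cert: dict, expected: Iterable[str]) -> list:
    """Expected hostnames that the certificate does not cover (sorted, empty when all are covered)."""
    san = san_dns_names(cert)
    return sorted(h for h in expected if not name_covered(h, san))


def check_alias(alias: str, original: str, port: int = 443) -> dict:
    """Network check: same addresses, and the alias's cert covers both names."""
    result = {"same_addresses": addresses(alias, port) == addresses(original, port)}
    result["missing_san"] = missing_names(fetch_cert(alias, port), [alias, original])
    result["ok"] = result["same_addresses"] and not result["missing_san"]
    return result


if __name__ == "__main__":
    # Pairs taken from the ticket; port 443 assumed for both services.
    pairs = [
        ("snowflake-broker.freehaven.net", "snowflake-broker.bamsoftware.com"),
        ("snowflake.freehaven.net", "snowflake.bamsoftware.com"),
    ]
    for alias, original in pairs:
        print(alias, check_alias(alias, original))
```

Run it after the restart on each host; a non-empty `missing_san` means the ACME hostname list (or the certificate renewal) did not pick up the new name, while `same_addresses: False` points at the DNS side. The bamsoftware.com name is kept in the expected list on purpose: the proxy code still has to be redeployed before clients stop using it.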

comment:3 in reply to: 1 Changed 8 weeks ago by irl

Replying to arma:

Long term, once we've resolved the zip bomb question, I think using a cname in the torproject.net domain will be a fine choice.

*.torproject.net and *.torproject.org are both routinely blocked for residential Internet connections in the UK on the basis that they provide circumvention of the connection filtering. The snowflake extension itself doesn't provide circumvention to the user of the extension so there is a good basis for arguing it shouldn't be blocked (and I've had these arguments with <large computer security company>'s staff, who maintain some of the block lists) but I think their stuff doesn't really work on subdomains or their staff did not configure things with subdomains when I've made complaints. It's all or nothing.

comment:5 Changed 7 weeks ago by cohosh

Status: new → needs_review

Should probably put this in needs_review. I tested it out locally. Should we go ahead and do this update?

comment:6 Changed 7 weeks ago by cohosh

Okay apologies if I moved on this too quickly. I pushed the fix to both the chrome and mozilla webstores and it appears to be working for both #31231 and #31232.

As a side note, Mozilla must have changed their validation process a bit because they complained that the snowflake icon in the manifest wasn't square. I made this change and pushed it as well.

comment:7 Changed 7 weeks ago by cohosh

Alright, sorry for the messy update/versioning. I'd accidentally included the embed.html and embed.js files from a different branch. Should be fixed now.

comment:8 Changed 7 weeks ago by arlolra

Okay apologies if I moved on this too quickly

No problem, thanks for getting it out

it appears to be working for both #31231 and #31232.

s/#31232/#31230/

Alright, sorry for the messy update/versioning. I'd accidentally included the embed.html and embed.js files from a different branch. Should be fixed now.

I opened #31253 to hopefully make our lives easier

comment:9 Changed 7 weeks ago by arlolra

it appears to be working for both #31231 and #31232.

s/#31232/#31230/

Note that, while those two were specific to the addon, the badge is still not updated.

comment:10 Changed 7 weeks ago by cypherpunks

Why is the update taking this much time to appear in the Chrome addon store?

comment:11 in reply to: 10; Changed 7 weeks ago by cohosh

Replying to cypherpunks:

Why is the update taking this much time to appear in the Chrome addon store?

In our experience so far, the Chrome addon store takes at least a day (maybe longer?) to approve new versions. I'm not sure why.

comment:12 Changed 7 weeks ago by cypherpunks

Is the in-page version of the proxy hosted at https://snowflake.torproject.org/snowflake (or more specifically, the javascript proxy code in https://snowflake.torproject.org/snowflake.js) going to be maintained as well? It currently still references bamsoftware.com.

I hope so, since I prefer that over the Firefox addon because it lets me see what's actually happening, and I can run more than one tab with it instead of just the one addon proxy. But if not, it should probably be removed from the docs page at https://trac.torproject.org/projects/tor/wiki/doc/Snowflake. There should either be an explicit commitment to keep the in-page js proxy up to date with changes made to the plugin, or the docs page should stop showing it as a valid option.

comment:13 in reply to: 11; Changed 7 weeks ago by dcf

Replying to cohosh:

Replying to cypherpunks:

Why is the update taking this much time to appear in the Chrome addon store?

In our experience so far, the Chrome addon store takes at least a day (maybe longer?) to approve new versions. I'm not sure why.

I checked just now (2019-07-27T15:19:08+00:00) and it's now showing version 0.0.7 rather than 0.0.8 🙃

comment:14 in reply to: 13; Changed 7 weeks ago by cypherpunks

Replying to dcf:

I checked just now (2019-07-27T15:19:08+00:00) and it's now showing version 0.0.7 rather than 0.0.8 🙃

Thanks David, another shameless question when will cupcake use the new freehaven domain? (I tested it and I only saw the bamsoftware one in the addon's settings)

comment:15 in reply to: 14 Changed 7 weeks ago by dcf

Cc: saint added

Replying to cypherpunks:

Thanks David, another shameless question when will cupcake use the new freehaven domain? (I tested it and I only saw the bamsoftware one in the addon's settings)

I just sent email to saint about that today, we'll see.

comment:16 in reply to: 12 Changed 7 weeks ago by dcf

Replying to cypherpunks:

Is the in-page version of the proxy hosted at https://snowflake.torproject.org/snowflake (or more specifically, the javascript proxy code in https://snowflake.torproject.org/snowflake.js) going to be maintained as well? It currently still references bamsoftware.com.

Relax, friend, it was just a little slower to update :) I deployed from 0bded511b99a396df2172c89f0ac9a9ae21a2115 at about 2019-07-27 15:53.

I also added a deployment guide to proxy/README.md to hopefully make it smoother in the future.

comment:17 in reply to: 13 Changed 7 weeks ago by cohosh

Replying to dcf:

Replying to cohosh:

Replying to cypherpunks:

Why is the update taking this much time to appear in the Chrome addon store?

In our experience so far, the Chrome addon store takes at least a day (maybe longer?) to approve new versions. I'm not sure why.

I checked just now (2019-07-27T15:19:08+00:00) and it's now showing version 0.0.7 rather than 0.0.8 🙃

Yeah, there's a different packaging requirement for Chrome and Firefox and I messed up the Firefox 0.0.7 upload so had to do a version bump. The Chrome one is fine (I think). In any case, the update took too long for me to just bump it right away again.

comment:18 Changed 3 weeks ago by dcf

Status: needs_review → needs_information

Since this discussion happened, there are also domains snowflake.torproject.net and snowflake-broker.torproject.net reserved for this purpose (#31232, #31522).

Also saint, I think we're waiting on confirmation that Cupcake is using the newer domains (i.e. tag webext-0.0.7 or later) to close this ticket. https://chrome.google.com/webstore/detail/cupcake/dajjbehmbnbppjkcnpdkaniapgdppdnc still says "Version: 2.0; Updated: July 26, 2019", which is the same day as webext-0.0.7, so I'm not sure.
