Network Traffic Patterns in Snowflake =======================================

• we only use the WebRTC data channel in Snowflake becuause it uses tcp, media channels use udp
• we don't have a way to transmit censorship-resistant data using unreliable protocols (eg UDP) - a solution for this is QUIC
• QUIC components could be implemented on top of media streams to encode data in the media channels
• so far data channels used mostly for gaming
• mike has a side project to use quic in Tor so that packets don't get buffered in a hop

-fingerprintability comes from:

• using data channel (not a concern)
• outdated WebRTC clients/libraries -more important- meek was blocked for a while cause it was using old versions of firefox, problem was implementation, not the protocol

• go library?
• Snowflake uses a c++ library took from chrome some time ago

-Code needs to be adapted to what current users are using:

• browsers are always mostly updated automatically

• need to track when google make new releases of chrome

• maintaining code with the current library is painful: it has their own language/implementation. Difficult to maintain cause they'll change stuff.

-Snowflake could switch to the WebRTC implementation of Firefox:

• 5% users are firefox which is still a lot of colateral damage for censors

• we could eliminate the c++ code and potentially build snowflake reproducibly on windows

• concern: put maintenance of this on the browser team

• needs to start Tor Browser with a different profile different from the default (to behave more like firefox without all plugins)

• meek must do something similar, which can be copied

• go application that listen on websocket and html page inside firefox report to that

ACTION: Investigate how meek implements a browser profile (ticket)

• look more at the meek workflow

• meek uses only tb

• if something that meek does could be problematic, tak with tb how much could take to change

-Need to investigate the suitability of the Firefox WebRTC implementation:

• is webrtc implementation different in different browsers?

-Need to review encryption in WebRTC:

• what is the encryption in webrtc?, uses gTLS?, is it oportunistic? (yes, don't have certificates, just the handshake)

• that's not a problem for us cause we do what in data channel?

• the data in data channel is already encrypted, so it doesn't matter which encryption data channels use

• ticket about building snowflake on 32-bit machines - is this something we need to support (no)
• support requirements are different for clients vs proxies
• Firefox ESR = extended support version that many business use
• worth to spend time to change to TB
• TB team is going to build it