Changes between Initial Version and Version 1 of org/meetings/2019BrusselsNetworkTeam/Notes/SnowflakeTrafficPatterns


Timestamp: Jan 30, 2019, 1:33:11 PM (8 months ago)
Author: juga
Comment: Add page Snowflake Traffic Patterns

  • org/meetings/2019BrusselsNetworkTeam/Notes/SnowflakeTrafficPatterns

    v1 v1  
     1Network Traffic Patterns in Snowflake
     2=======================================
     3
     4
     5- we only use the WebRTC data channel in Snowflake becuause it uses tcp, media channels use udp
     6- we don't have a way to transmit censorship-resistant data using unreliable protocols (eg UDP) - a solution for this is QUIC
     7- QUIC components could be implemented on top of media streams to encode data in the media channels
     8- so far data channels used mostly for gaming
     9- mike has a side project to use quic in Tor so that packets don't get buffered in a hop
     10
     11-fingerprintability comes from:
     12    - using data channel (not a concern)
     13    - outdated WebRTC clients/libraries -more important- meek was blocked for a while cause it was using old versions of firefox, problem was implementation, not the protocol
     14
     15- go library?
     16- Snowflake uses a c++ library took from chrome some time ago
     17
     18-Code needs to be adapted to what current users are using:
     19
     20    - browsers are always mostly updated automatically
     21
     22    - need to track when google make new releases of chrome
     23
     24    - maintaining code with the current library is painful: it has their own language/implementation. Difficult to maintain cause they'll change stuff.
     25
     26
     27-Snowflake could switch to the WebRTC implementation of Firefox:
     28
     29    - 5% users are firefox which is still a lot of colateral damage for censors
     30
     31    - we could eliminate the c++ code and potentially build snowflake reproducibly on windows
     32
     33    - concern: put maintenance of this on the browser team
     34
     35    - needs to start Tor Browser with a different profile different from the default (to behave more like firefox without all plugins)
     36
     37    - meek must do something similar, which can be copied
     38
     39    - go application that listen on websocket and html page inside firefox report to that
     40
     41
     42ACTION: Investigate how meek implements a browser profile (ticket)
     43
     44    - look more at the meek workflow
     45
     46    - meek uses only tb
     47
     48    - if something that meek does could be problematic, tak with tb how much could take to change
     49
     50
     51-Need to investigate the suitability of the Firefox WebRTC implementation:
     52
     53    - is webrtc implementation different in different browsers?
     54
     55
     56-Need to review encryption in WebRTC:
     57
     58    - what is the encryption in webrtc?, uses gTLS?, is it oportunistic? (yes, don't have certificates, just the handshake)
     59
     60    - that's not a problem for us cause we do what in data channel?
     61
     62    - the data in data channel is already encrypted, so it doesn't matter which encryption data channels use
     63
     64
     65- ticket about building snowflake on 32-bit machines - is this something we need to support (no)
     66- support requirements are different for clients vs proxies
     67- Firefox ESR = extended support version that many business use
     68- worth to spend time to change to TB
     69- TB team is going to build it
     70
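Review bot: The encryption item at line 58 names "gTLS", which is not a protocol name and reads like a typo for DTLS, the protocol WebRTC uses; spell it out so the follow-up review knows what to look at. The same line records the handshake as opportunistic with no certificates, while line 62 relies on the data-channel payload already being encrypted, so it would help to state in one sentence which layer Snowflake depends on for confidentiality. Line 60 ends on an open question ("we do what in data channel?") that line 62 appears to answer; merge the two. The ACTION at line 42 says "(ticket)" without a ticket number, so it cannot be tracked from this page; add the reference once the ticket exists.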