anti-censorship-team September 2024

anti-censorship-team@lists.torproject.org

3 participants
2 discussions

Anyone have a copy of the v0.9.0 Snowflake WebExtension CRX file?
by David Fifield 21 Oct '24

21 Oct '24

I just archived v0.9.0 and v0.9.1 of the Snowflake WebExtension: https://archive.org/details/snowflake-webextension-0.9.0 https://archive.org/details/snowflake-webextension-0.9.1 However, I neglected to download v0.9.0 from the Google Play Store before it got updated to v0.9.1, and I don't know of a way to download older version from the Google Play Store. What I've done for v0.9.0 is uploaded Shelikhoo's submitted build-webext-chromium_v3.zip from https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snow…. But ideally I'd like to have the CRX file that is digitally signed by Google. Does someone maybe have v0.9.0 still installed, or else know how to download an older version? What I do to download the current version is fetch the URL https://clients2.google.com/service/update2/crx?response=redirect&prodversi…

2 2

Significant ?? country users of snowflake-01 in August 2024
by David Fifield 06 Sep '24

06 Sep '24

Making some graphs for the August 2024 Snowflake bridge report, there are a couple of weird things to comment on. On August 22–23, there was a drop in users across both bridges that later almost evened out. (See first attachment.) It affected both bridges. >From August 16–31, the ?? country broke into the top 5 countries by user count, on the snowflake-01 bridge only. (See third attachment.) Because the country code comes from the proxy, which reports the remote IP address of the client, a country code of ?? means that either the proxy did not report an IP address (no client_ip WebSocket URL parameter), or the IP address was not found in a geolocation lookup. Here's a past case where a bug in the WebExtension was resulting in ?? countries: https://bugs.torproject.org/tpo/anti-censorship/pluggable-transports/snowfl… The snowflake server logs daily the fraction N/D of connections that had client_ip set. In the case before, N decreased while D remained constant. In this case, it looks like N is remaining constant while D is greatly increasing. See in the listing below how N/D suddenly drops from 99% to 41% on 2024-08-13. In the last couple of days, ⅔ to ¾ of connections have been missing the client_ip parameter. The client_ip-less connections must not represent very many user-hours, otherwise they would completely dominate the user graphs. Did something happen on 2024-08-13? Is this a new source of proxies with an implementation bug? Some kind of attack? (Against the bridge?) $ grep 'connections had client_ip$' /var/log/snowflake-server/snowflake-server.log | perl -ane '$F[7] =~ m#^(.*)/(.*)$#; printf("%s %s %8d/%-8d %6.2f%%\n", $F[0], $F[1], $1, $2, 100 * ($2 == 0 ? 0.0 : $1/$2));' 2024/08/06 08:57:22 463234/464597 99.71% 2024/08/07 08:57:22 462398/463581 99.74% 2024/08/08 08:57:22 453003/454165 99.74% 2024/08/09 08:57:22 450344/451707 99.70% 2024/08/10 08:57:22 450057/452228 99.52% 2024/08/11 08:57:22 449782/452296 99.44% 2024/08/12 08:57:22 452387/475006 95.24% 2024/08/13 08:57:22 450993/1089806 41.38% 2024/08/14 08:57:22 455701/828402 55.01% 2024/08/15 08:57:22 449159/886577 50.66% 2024/08/16 08:57:22 430698/1061690 40.57% 2024/08/17 08:57:22 426891/1240861 34.40% 2024/08/18 08:57:22 428010/1139078 37.58% 2024/08/19 08:57:22 425667/1363289 31.22% 2024/08/20 08:57:22 427042/1181316 36.15% 2024/08/21 08:57:22 422347/1407363 30.01% 2024/08/22 08:57:22 418760/1437024 29.14% 2024/08/23 08:57:22 271142/1217897 22.26% 2024/08/24 08:57:22 353388/1291375 27.37% 2024/08/25 08:57:22 366323/1117172 32.79% 2024/08/26 08:57:22 382452/1107561 34.53% 2024/08/27 08:57:22 416759/1451520 28.71% 2024/08/28 08:57:22 413329/1445703 28.59% 2024/08/29 08:57:22 403754/1490629 27.09% 2024/08/30 08:57:22 388147/1490993 26.03% 2024/08/31 08:57:22 395311/1377168 28.70% 2024/09/01 08:57:22 389361/1344726 28.95% 2024/09/02 08:57:22 377702/1169902 32.28% 2024/09/03 08:57:22 369956/1272026 29.08% 2024/09/04 08:57:22 368266/1330355 27.68% 2024/09/05 08:57:22 371429/1260571 29.47%

2 3

2024

2023

2022

2021

2020

2019

anti-censorship-team September 2024