On 2019-10-02 18:37, Jeremy Rand wrote:
The main benefit of Snowflake against this threat model compared to other bridge types is that Snowflake bridges are more likely to be on dynamic IP addresses and are more likely to have intermittent availability. Both of these factors mean that Snowflake bridges have substantially more "churn", which means they resist enumeration attacks substantially better than the other bridge types. (You may recognize this advantage as one that a previous bridge type, Flash Proxy, also had. Snowflake is similar to Flash Proxy in this sense, but doesn't suffer from the UX issues that caused Flash Proxy to be deprecated.)
However, some "dynamic" IP addresses are sticky, especially those used by non-mobile ISPs using DHCP instead of PPPoE.
This means these IPs more or less stay the same for a period of time, unless you change your router MAC, but the ISP reserves the right to change them anyways when the network changes without notice, unlike "static" IPs which ISPs try to avoid changing unless they have to.
Heck, because of "sticky" IPs, many people with FTTH have "guard" relays (including myself).
But for Snowflake, this could be an issue because a country like China could block a residential IP for a while if they enumerate. However, Snowflake bridges are usually short lived so IPs come and go and it's harder to block (but don't assume it's unblockable, there's deep packet inspection and machine learning).
-Neel === https://www.neelc.org/ -- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk