There was a large and sudden increase in the number of Snowflake users from Turkmenistan, starting on 2025-04-28. Before now, the number of users in Turkmenistan had never been more than 100. Then it suddenly shot up to around 10,000. It declined during May 2025, but still remains in the thousands, making Turkmenistan now one of the countries with the greatest number of users.
Does anyone know a possible reason for the sudden change? IP address range unblocking, domain fronting made newly available, some local distribution of software or documentation, …?
This graph shows the number of users by countries for each of the two Snowflake bridges. Both bridges were affected about equally:
Turkmen censorship is hugely exaggerated by boogiemen and rkn employees who attempt to instill fear and disuade people from trying out of hopelessness of their censoring methods that get outdated fast. Your guy with green shirt on Tor conference said it himself that residential proxies worked in Turkmenistan when they tried, Turkmenistan does not have whitelists, it’s a lie spread by feds around here, just because major data centers are in blacklist, doesn’t magically make it a whitelist. Snowflake by design was intended to be p2p, to have most of its pool be residential connections or random joe schmoe opening browser with snowflake plugin, which is why it works. It’s the bootstrap on centralized hetzner that was the issue.
I personally have more faith in longevity of snowflake and similar p2p solutions than webtunnels as in neighboring threads all you see is how someone’s data center got blocked or tls 1.3 got blocked or some other unforeseen circumstance. But all those incidents have one thing in common, their server was centralized. Snowflake, and other p2p things such i2p, dht, zeronet, retroshare have centralized bootstrap problem, which is fixed by regularly making peer backups, and even snowflake team is aware of this shortcoming and actively uses things like amp cache for bootstraping
when only certain ip addresses on a whole ASN work, that is a whitelist, and there are many, there even was a SNI whitelist on CDN ip ranges, but they removed it last year and now it’s just ip blocks (of like 95% of cloudflare and 99% of fastly) and sni blocks.
no, the situation is just better after the massive unblock they did last year, but still very bad, much much worse than iranian, chinese, and russian internet censorship. For example: recently they blocked msftncsi.com and connectivitycheck.gstatic.com which is a complete nonsense because they are used for internet checking on windows and android, some phones now show “no internet”, google fonts and google drive are blocked regularly but they are mostly accessible because their ip rotates often. they have eu.speed.telecom.tm which is on hetzner, and it was blocked 2 times when they banned the whole /24 and forgot to whitelist that one speedtest ip. PSN was banned/unbanned multiple times, is banned now. I administer a local website (online marketplace) and its domain was banned because it was on a foreign cdn which was probably used by others as a proxy, i had to buy a new domain and switch to telecom.tm hosting where let’s encrypt is partially blocked and i had to issue the certificate outside of tm. (fun fact about their vps: they use ubuntu repo through http and do filtering on packages like openvpn). and this is just the beginning because i can’t remember or check everything.
upd: i actually remembered when they throttled cdn ip ranges to 1mbit/s, limited connection count to only 1 per ip and limited its lifetime to ~5 seconds before blocking, this made a lot of websites load the main page but nothing more than that, thankfully they reverted this change quickly (and they often roll back ip blocks or protocol blocks too). i have more info than this post, but it’s risky to post here.
not for long, i got my ips blocked 2 times in less than a day after transfering 5gb (worst case), sometimes it may live for a surprisingly long time like a week or a month with 10gb traffic per day, but i have no idea why, protocol doesn’t seem to matter, very low amount of traffic (like 250mb a month) works for years now on 1 ip, but i have no idea how much is a safe value even after doing more than 10 tests. Before the massive unblock it was common to stumble upon banned residential ISP, it’s not common so much now but it shows that eventually they will be banned.
upd: i remembered “belet play”, it was a youtube clone app made in 2020/2021 by a TM company, it basically contained whitelisted youtube channels and it proxied data through a whitelisted contabo ip with a built-in hidden shadowsocks client, people discovered this quickly and were extracting the config using it as a regular shadowsocks proxy, the app was discontinued sometime after. this is offtopic but what a funny story: TM company had to disguise their proxy server as a youtube clone to make it whitelisted