The Tor anti-censorship team is inviting people to try Tor Browser packages built from an experimental branch of Snowflake that is supposed to make Snowflake more reliable. There are two versions; you can try either one or both of them. If you have feedback, tell us whether you are using the “kcp” or “quic” version.
- tor-browser-snowflake-turbotunnel-kcp-9.5a5-20200223
- tor-browser-snowflake-turbotunnel-quic-9.5a5-20200223
Download the file appropriate for your operating system, unpack it, and run it. You have to enable Snowflake manually. The first time you run the browser:
- Click Configure
- Click Tor is censored in my country
- Click Select a built-in bridge
- Select snowflake from the menu
- Click Connect
If the browser is already running:
- Go to about:preferences#tor (open the Preferences menu then click Tor on the left side)
- Click Use a bridge
- Click Select a built-in bridge
- Select snowflake from the menu
Then you should be able to connect and use the browser pretty much like a normal Tor Browser. If you click the ⓘ icon in the address bar, it will show your first hop as Bridge: snowflake.
What is Snowflake?
Snowflake is a circumvention system that uses lots of temporary proxies, running in web browsers. It communicates with the proxies using WebRTC.
What is different about this experimental branch of Snowflake?
Because Snowflake proxies run in people’s web browsers, they aren’t very stable or reliable. Until now, there wasn’t a way to switch to a new proxy when the one you are using stops working—your connection would just die. These experimental packages use the “Turbo Tunnel” idea, embedding a session protocol that enables your end-to-end connection to keep working, even after a temporary proxy dies.
There are two packages because we are testing two session protocols: KCP and QUIC. For background, see this thread and this ticket.
What is Turbo Tunnel?
Turbo Tunnel is the name for a design pattern where you insert a session protocol (e.g., something with sequence numbers, acknowledgements, and retransmissions) under your circumvention layer, instead of transmitting raw byte streams. It means that you have a long-lived end-to-end session that is not tied to any single network connection. A circumvention system that uses the Turbo Tunnel concept can potentially resist RST attacks, multiplex on several connections simultaneously, and work over unreliable channels like UDP. In Snowflake, Turbo Tunnel allows persisting a session across a sequence of many unreliable temporary proxies.
For more on the Turbo Tunnel idea and the experience of integrating it into some circumvention systems, see these threads:
- Turbo Tunnel: let’s include a sequencing/reliability layer in our circumvention protocols
- Turbo Tunnel candidate protocol evaluation
- Turbo Tunnel in obfs4proxy (survives TCP connection termination)
- Turbo Tunnel in meek
What to expect
These packages with Snowflake should feel similar to a normal Tor Browser. You should be able to use them for many hours or leave them idle and they will keep working. (Before now, Snowflake would stop working if you left it idle for very long.)
The speed of the connection, besides being inherently limited by the speed of Tor, also depends on the speed of the temporary proxy you get assigned. Some proxies are faster than others. But it should generally be fast enough for YouTube videos.
When a proxy stops working, it takes 30 seconds for the software to notice. When that happens, you won’t be able to browse for at least 30 seconds, possibly more if there is a delay in acquiring a new proxy.
The Snowflake client has a debugging log enabled. The log can tell you what’s happening when you lose a proxy and connect to a new one. You can find the log file here:
- linux
- tor-browser_en-US/torBrowser/TorBrowser/Data/Tor/pt_state/snowflake-client.log
- windows
- Browser\TorBrowser\Data\Tor\pt_state\snowflake-client.log
- mac
- Tor Browser.app/Contents/Resources/TorBrowser/Tor/pt_state/snowflake-client.log
Here’s a guide to reading the log file:
Traffic Bytes (in|out): 0 | 972- If the number on the left stays at 0, the proxy isn't working.
Traffic Bytes (in|out): 52457 | 7270- When the number of the left is nonzero, the proxy is working.
WebRTC: No messages received for 30s -- closing stale connection- This means that the current proxy has stopped working.
redialing on same connection- The client is now getting a new proxy to replace the failed one.
These special packages disable the normal Tor Browser update check for 60 days. That is because an update would remove the Turbo Tunnel features. After 2020-04-23, they will begin to update again and become a normal Tor Browser alpha. (But don’t rely on it, because this part isn’t tested.)