Newbie: snowflake abuse by local government?

I’m running snowflake on inside a Docker.
Question from a newbie.
We provide services when running a snowflake proxy.
Is a local “government” able to abuse this service for their own purpose?

1 Like

I’m afraid i don’t understand what is your question :sweat_smile:

1 Like

Sorry for my bad English.
We run a snowflake proxy in order to help people against a blocked internet.
I see in the logs many traffic relayed.
Local authorities like the government of Iran knows about snowflake proxy surely.
I’m sure they try to boycott it.
Are they able to use snowflake for their own purpose and consume all of our resources?

2 Likes

I don’t see how they can consume all the resources.
Also i don’t think someone is trying to boycott Snowflake particularly.
Who wants to disturb TOR network is DDoSing the network, and there were some DDoSes lately

1 Like

Attacks on snowflake are possible.
It is not tested as good as core Tor.
So many bugs may be unnoticed. For example, I noticed some problems with RAM usage in standalone proxy. If they can be exploited, there will be lots of problems.
Bearing in mind that existing attack makes problems even for well tested Tor, attack on snowflake may be even more dangerous.

In order to minimize such risks of exploits is it better to run snowflake on a e.g. bare metal pi, or is it ok to run it inside docker? But docker is an additional layer.

1 Like

For something that is beneficial to them directly? No, I don’t think so. It’s no more beneficial to them than the Tor network itself.

I’ve heard that Docker is not made for containment as virtual machines are, but don’t quote me on that.

To you personally, I don’t think Snowflake is more dangerous than any other network-facing software.
What is plausible is DOS attacks (e.g. see Broker needs better resilience against DoS (#25593) · Issues · The Tor Project / Anti-censorship / Pluggable Transports / Snowflake · GitLab), but I don’t think this has ever happened to the Snowflake network.

2 Likes