[tor-bugs] #21315 [Obfuscation/Snowflake]: publish some realtime stats from the broker?

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Mar 27 16:07:23 UTC 2019


#21315: publish some realtime stats from the broker?
-----------------------------------+------------------------
 Reporter:  arma                   |          Owner:  (none)
     Type:  enhancement            |         Status:  new
 Priority:  Medium                 |      Milestone:
Component:  Obfuscation/Snowflake  |        Version:
 Severity:  Normal                 |     Resolution:
 Keywords:                         |  Actual Points:
Parent ID:  #29461                 |         Points:
 Reviewer:                         |        Sponsor:
-----------------------------------+------------------------
Changes (by cohosh):

 * cc: cohosh (added)


Comment:

 Here's a summary of the current state of things:

 === Eventual Goals

 It sounds like we have a few things we want to achieve/learn from
 collected metrics:
 - Detect censorship events
 - Allow current or potential proxies to see if they are needed
 - Allow clients to see whether their connection issues are due to
 censorship or proxy availability
 - Help us figure out whether we should be doing something different in
 distributing proxies to clients

 === What We Have

 We current collect and "publish" information on:
 - how many snowflake are currently available along with their SIDs
 (available at broker /debug handler). This is good for more detailed
 monitoring of censorship events. Even though we collect bridge usage
 metrics, collecting broker usage metrics will narrow down where the
 censorship is happening.
 - country stats of domain-fronted client connections (logged, most recent
 snapshot at broker /debug)
 - the roundtrip time it takes for a client to connect to get a snowflake
 proxy answer (available at broker /debug)
 - the usual snowflake bridge statistics (at metrics.torproject.org)

 === What We Want

 Some of the metrics mentioned above will be easier to implement than
 others. The best place to collect statistics is at the broker, but some of
 the data mentioned would require proxies to report metrics to the broker
 for collection. We have to be a bit careful with this since anyone can run
 a proxy. It will also impact the decisions we make for #29207.

 > I would also be interested in stats about users and usage (including
 e.g. number of users being handled divided by number of snowflakes
 handling them)

 This is a bit tricky. The broker knows which proxies it hands out the
 users but doesn't know the state of the clients' connections to those
 proxies (e.g., when they have been closed). It's also worth noting that
 different "types" of proxies (standalone vs. browser-based) can handle a
 different amount of users at once. Perhaps a more useful metric would be
 for snowflake proxies to advertize to the broker how many available
 "slots/tokens" they have when they poll for clients. This could be added
 to the broker--proxy WebSocket protocol. It would also avoid collecting
 more data on clients which is generally safer

 > how many times are you giving snowflakes out? How many times did you
 stop giving a snowflake out because you've given it out so many times
 already? These questions tie into the address distribution algorithm
 question

 The above comment addresses this as well. The broker doesn't really decide
 whether or not they've given a snowflake out too many times. I think more
 important to deciding whether we are giving out proxies in a good way is
 to try to measure how "reliable" individual proxies have been in the past.
 This is related to setting up persistent identifiers (#29260).

 It might also be interesting to have some kind of proxy diversity metric
 (e.g., whether 90% of all connections are handled by the same proxy). We
 can get some idea with persistent identifiers (#29260), but of course
 using a persistent identifier will always be optional. We can also do
 collection of geoip country stats of proxies.

 === Next steps

 - Narrow down what we want
 - Address prerequisite tickets (#29207, #29260)
 - Log all of the statistics in a reasonable format
 - coordinate with the metrics team to get these metrics collected and
 visualized somewhere

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21315#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list