snow: FAQ

snow FAQ

Q: I installed it! How do I find out my key?
A: grep "Your key is" /var/log/syslog

Q: How do I change the address pool, or set aliases for keys, or set my DNS server, or run sdns on the same machine as some other DNS server, or forward a port from my gateway?
A: See Advanced Configuration.

Q: What is the overhead of doing all this?
A: On a Core 2 Duo without AES-NI the throughput is over 300Mbps and the packet latency is a fraction of a millisecond. A newer processor with AES-NI can be expected to impove throughput significantly. There has also been very little effort to optimize the code and the relevant part is currently single-threaded, so there is still room for improvement.

Q: What does "segmentation fault" mean?
A: Please report bugs here.

Q: How does snow deal with key distribution?
A: Key distribution is one of the prickliest problems in computer security. Snow does nothing but get out of your way so you can do it however it works for you. Your ".key" is your key. This is surprisingly effective in practice because different usage patterns have vastly different requirements and capabilities. Application developers can often piggyback authentication of the user's device key on top of whatever method is used to authenticate the user. Anyone using secure DNS or with negligible security requirements can use DNS CNAME records. Individuals with higher security requirements can exchange keys in person. You can encode a key URL as a QR code and put it on a sign in the lobby of your building, or send a PGP authenticated email, or list the key of each user's device in your organization's directory, or whatever you like. Expecting entrepreneurs, bureaucracies, cypherpunks and NGOs to all use the same key distribution system is how we ended up with a broken mess like X.509 and ASN.1. The decentralized approach seems like the way to go here. Although if you really wanted to you could probably get a CA to sign an extended validation certificate with your key as the common name and present it to people to assert the association between yourself and your key.

Q: Is it secure?
A: Security is not binary.

Q: OK, how secure is it?
A: It seems like you just asked that question.

Q: No, the first question was if it's secure, the second question was how secure is it.
A: Well now that wasn't even a question at all. Tell you what, if you find an unreported security vulnerability I'll buy you a beer.

Q: Does it at least support privilege separation?
A: Yes. On startup snow needs to set up a tun interface and snow and sdns bind privileged ports, after that each can switch to a service account without root privileges.

Q: What about encryption?
A: Snow currently uses datagram TLS for authentication, encryption and perfect forward secrecy.

A: Please remain calm. Each device being addressable from one another is the way the Internet was designed to work and is the way IPv6 works, so this is something you will want to adapt to rather than resist. You will likely want to employ some kind of endpoint firewall like iptables on Linux. It is possible to identify traffic from snow based on the IP address range your device uses for it.

Q: OK, but doesn't this mean people can tunnel arbitrary traffic past a firewall?
A: The ability to tunnel arbitrary traffic through a single connection has existed since time immemorial. See also ssh and SSL-based VPNs. Trying to allow two endpoints to communicate some information but not other information is generally a lost cause when you don't control either of them. Network middleboxes are past due for an ELE. Middleboxes making poor assumptions cause nothing but headaches for network administrators. See also TCP DNS, EDNS, path MTU discovery, asymmetric routes. As security improves less information is inherently available outside of the endpoints which make middleboxes simultaneously less accurate, less useful and more expensive.

So be not afraid, enterprise admins. This is the new way forward. And I'm going to have something else for you in a little bit which I think you're going to like, so stay tuned (and maybe allocate some money for me in next year's budget; got to pay for all the beer I'm going to owe people somehow).

Q: I think this is really cool. Is it possible to buy commercial support or make a donation to support development?
A: Contact.

[snow] [How it works] [How to use it] [How to install it] [Advanced Configuration] [App Development] [Read the FAQ]