Split the snowflake tutorial into two

opsec/tor/bridge/index.html

@@ -225,6 +225,39 @@ Bridge obfs4 134.209.26.190:8042 829165B21621041E7A9CDF7192AFFC51CA640B0E  cert=
 	    </div> <!-- /container -->
 	</div><!-- /white -->
 
+	<div id="anon2">
+	    <div class="container">
+			<div class="row">
+				<div class="col-lg-8 col-lg-offset-2">
+          <h2><b>Snowflake bridge theory</b></h2> </br> </br>
+<p>As time goes to 2024 censorship becomes more advanced, and sometimes snowflake protocol works better than obfs4. We will go through theories and setup about snowflake bridge</p>
+<p>For a normal tor connection without bridge, you will:</p>
+<p>1.Talk to central directory</p>
+<p>2.Get network information</p>
+<p>3.Connect to your gurad nodes, and form tor circuits</p>
+<img src="snowflake-migrate/normal_tor_connection.png" class="imgRz" style="width: 700px">
+<p>If tor network is blocked, you cannot talk to central directory or any tor node ip, then you need a <b>bridge</b></p>
+<p>All of your communication goes through the bridge, including your initial talk to central directory, and your bridge automatically becomes your first tor node</p>
+<img src="snowflake-migrate/bridge.png" class="imgRz" style="width: 600px">
+<p>Bridges are usually not publicly announced for censorship resistance, since once a bridge ip get known by censoring firewall it can simply drop all the packets to that ip</p>
+<p>This is the weakness for traditional tor bridges, not matter how hard you try to obfuscate your traffic, the <b>bridge ip </b>always have to be semi-public because you want people to use it, but this means people who work for censorship can also find bridge ip</p>
+<p>To end this cat and mouse game, snowflake is introduced</p>
+
+<img src="snowflake-migrate/snowflake-schematic.png" class="imgRz" style="width: 700px">
+<p>This is a picture of how snowflake works from tor official</p>
+<p>First you have volunteers over the world who install snowflake plugin in their browsers, they act as bridges for you to connect to tor network. Because this is mostly run by amateurs, and people turn on and off their devices all the time, which makes many ephemeral bridges, and this is why it is called snowflake</p>
+<p>There is also a server called broker that knows all the information about snowflakes</p>
+<img src="snowflake-migrate/snowflakes.png" class="imgRz" style="width: 600px">
+<p>Then you will use a technique called domain fronting, which makes you seems connecting to a legit service like azure cloud or google cloud, but your actual connection goes to the broker.</p>
+<img src="snowflake-migrate/domain-fronting.png" class="imgRz" style="width: 600px">
+<p>Then the broker server introduce you to the snowflake proxy, then you establish a webrtc connection, which is a connection allows two app to have direct connection for video call or file transmission. Then your traffic goes to the snowflake proxy, and connects to the rest of tor network</p>
+<img src="snowflake-migrate/WebRTC.png" class="imgRz" style="width: 600px">
+<p>Then you connect to tor network!</p>
+
+				</div>
+			</div><!-- /row -->
+	    </div> <!-- /container -->
+	</div><!-- /white -->
 	<!-- +++++ Footer Section +++++ -->
 
 	<div id="anonb">