Russia Posts $110,000 Bounty For Cracking Tor's Privacy 98
hypnosec writes: The government of Russia has announced a ~$110,000 bounty to anyone who develops technology to identify users of Tor, an anonymising network capable of encrypting user data and hiding the identity of its users. The public description (in Russian) of the project has been removed now and it only reads "cipher 'TOR' (Navy)." The ministry said it is looking for experts and researchers to "study the possibility of obtaining technical information about users and users' equipment on the Tor anonymous network."
TOR is a US-backed project (Score:5, Informative)
Remember, TOR was made by the US Navy specifically to anonymize the traffic of government spies. The public release of the project and transfer to EFF and later parties was specifically to provide cover for said spies. The current developers even consult with the NSA regarding it's security, and the NSA itself has tools to deanonymize it to a certain extent. (It probably relies on the fact that they run a large amount of exit nodes.)
Russia doesn't want to decrypt your packets. They want to decrypt the CIA/NSA/FBI traffic you're relaying around.
Re:TOR is a US-backed project (Score:1, Informative)
Remember, TOR was made by the US Navy specifically to anonymize the traffic of government spies.
No, TOR was a project about creating the ability for people in repressive countries to be able to access the Internet in ways that their government was either blocking, or whose access could endanger the user since it was not in line with the government's decrees and/or filters.
The public release of the project and transfer to EFF and later parties was specifically to provide cover for said spies.
Ah, the standard conspiracy theorists' "that's what they want you to think, but really ..." (fill in with unlikely or unsubstantiated claim) I do admit though that spies could also take advantage of it, along with criminals, botnets, etc.
The current developers even consult with the NSA regarding it's security
I don't know if that is true, but assuming it is, Congress has given the NSA the role of being the US government authority on computer security and on encryption, as well as aiding US companies and interests in these areas to benefit the US. Since protecting the ability of people in hostile locations to continue to access resources such as gmail and twitter, often through the use of tools like TOR, has been deemed in the US interest, the NSA's charter therefore covers helping to ensure TOR is a safe, secure, and robust tool. I do not see the problem, other than guilt by association. Of course by that same logic, almost all major security products you utilize would similarly be suspect (assuming you are in the US).
the NSA itself has tools to deanonymize it to a certain extent. (It probably relies on the fact that they run a large amount of exit nodes.)
Other than running TOR exit nodes to monitor and potentially manipulate the traffic entering the TOR network (a well known attack against TOR that many actors are utilizing, not just the NSA), are you claiming they have other ways to deanonymize the traffic? If so, cite?
Russia doesn't want to decrypt your packets. They want to decrypt the CIA/NSA/FBI traffic you're relaying around.
While I am sure Russia would like to see any spy traffic that is using TOR, I am pretty sure the bigger reason is what I mentioned about about repressive regimes. They are much more interested in the actions of their own citizens that they feel may endanger the state, i.e. their corrupt, crony filled government, since a well-informed populace would be their greatest threat. Just read about how the state-owned/controlled media there is currently reporting the "facts" surrounding the MH17 airplane crash, then consider that their biggest obstacle is that the people can get information from sources other than the Russian government. They would love to be able to shut that down, or at least know who is going around them so they can shut THEM down.
Re:TOR is a US-backed project (Score:5, Informative)
No, TOR was a project about creating the ability for people in repressive countries to be able to access the Internet in ways that their government was either blocking, or whose access could endanger the user since it was not in line with the government's decrees and/or filters.
No, you're wrong and OP is right:
http://cryptome.org/0003/tor-spy.htm
Creators of TOR:
David M. Goldschlag
Michael G. Reed
Paul F. Syverson
Naval Research Laboratory
More:
http://www.onion-router.net/Publications/IH-1996.pdf
http://www.isoc.org/inet97/proceedings/F7/F7_1.HTM
http://www.onion-router.net/
Re:$110,000 (Score:1, Informative)
Russians are really cheap bastards. I suppose it is out of necessity.
$110,000 is probably 1 night of gay hookers and blow for Putin.