Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Encryption Government Privacy The Almighty Buck

Russia Posts $110,000 Bounty For Cracking Tor's Privacy 98

Posted by Soulskill
from the what-happens-in-siberia-stays-in-siberia dept.
hypnosec writes: The government of Russia has announced a ~$110,000 bounty to anyone who develops technology to identify users of Tor, an anonymising network capable of encrypting user data and hiding the identity of its users. The public description (in Russian) of the project has been removed now and it only reads "cipher 'TOR' (Navy)." The ministry said it is looking for experts and researchers to "study the possibility of obtaining technical information about users and users' equipment on the Tor anonymous network."
This discussion has been archived. No new comments can be posted.

Russia Posts $110,000 Bounty For Cracking Tor's Privacy

Comments Filter:
  • by Anonymous Coward on Friday July 25, 2014 @03:57PM (#47534611)

    Remember, TOR was made by the US Navy specifically to anonymize the traffic of government spies. The public release of the project and transfer to EFF and later parties was specifically to provide cover for said spies. The current developers even consult with the NSA regarding it's security, and the NSA itself has tools to deanonymize it to a certain extent. (It probably relies on the fact that they run a large amount of exit nodes.)

    Russia doesn't want to decrypt your packets. They want to decrypt the CIA/NSA/FBI traffic you're relaying around.

  • by Anonymous Coward on Friday July 25, 2014 @04:40PM (#47534899)
    There is so much wrong with your post that I don't know if you are vastly uninformed or if you are a troll.

    Remember, TOR was made by the US Navy specifically to anonymize the traffic of government spies.

    No, TOR was a project about creating the ability for people in repressive countries to be able to access the Internet in ways that their government was either blocking, or whose access could endanger the user since it was not in line with the government's decrees and/or filters.

    The public release of the project and transfer to EFF and later parties was specifically to provide cover for said spies.

    Ah, the standard conspiracy theorists' "that's what they want you to think, but really ..." (fill in with unlikely or unsubstantiated claim) I do admit though that spies could also take advantage of it, along with criminals, botnets, etc.

    The current developers even consult with the NSA regarding it's security

    I don't know if that is true, but assuming it is, Congress has given the NSA the role of being the US government authority on computer security and on encryption, as well as aiding US companies and interests in these areas to benefit the US. Since protecting the ability of people in hostile locations to continue to access resources such as gmail and twitter, often through the use of tools like TOR, has been deemed in the US interest, the NSA's charter therefore covers helping to ensure TOR is a safe, secure, and robust tool. I do not see the problem, other than guilt by association. Of course by that same logic, almost all major security products you utilize would similarly be suspect (assuming you are in the US).

    the NSA itself has tools to deanonymize it to a certain extent. (It probably relies on the fact that they run a large amount of exit nodes.)

    Other than running TOR exit nodes to monitor and potentially manipulate the traffic entering the TOR network (a well known attack against TOR that many actors are utilizing, not just the NSA), are you claiming they have other ways to deanonymize the traffic? If so, cite?

    Russia doesn't want to decrypt your packets. They want to decrypt the CIA/NSA/FBI traffic you're relaying around.

    While I am sure Russia would like to see any spy traffic that is using TOR, I am pretty sure the bigger reason is what I mentioned about about repressive regimes. They are much more interested in the actions of their own citizens that they feel may endanger the state, i.e. their corrupt, crony filled government, since a well-informed populace would be their greatest threat. Just read about how the state-owned/controlled media there is currently reporting the "facts" surrounding the MH17 airplane crash, then consider that their biggest obstacle is that the people can get information from sources other than the Russian government. They would love to be able to shut that down, or at least know who is going around them so they can shut THEM down.

  • by Anonymous Coward on Friday July 25, 2014 @05:09PM (#47535037)

    No, TOR was a project about creating the ability for people in repressive countries to be able to access the Internet in ways that their government was either blocking, or whose access could endanger the user since it was not in line with the government's decrees and/or filters.

    No, you're wrong and OP is right:

    http://cryptome.org/0003/tor-spy.htm

    Creators of TOR:
    David M. Goldschlag
    Michael G. Reed
    Paul F. Syverson
    Naval Research Laboratory

    More:

    http://www.onion-router.net/Publications/IH-1996.pdf
    http://www.isoc.org/inet97/proceedings/F7/F7_1.HTM
    http://www.onion-router.net/

    TOR Made for USG Open Source Spying Says Maker

    Date: Tue, 22 Mar 2011 16:57:39 -0400
    From: Michael Reed
    To: tor-talk[at]lists.torproject.org
    Subject: Re: [tor-talk] Iran cracks down on web dissident technology

    On 03/22/2011 12:08 PM, Watson Ladd wrote:
    > On Tue, Mar 22, 2011 at 11:23 AM, Joe Btfsplk wrote:
    >> Why would any govt create something their enemies can easily use against
    >> them, then continue funding it once they know it helps the enemy, if a govt
    >> has absolutely no control over it? It's that simple. It would seem a very
    >> bad idea. Stop looking at it from a conspiracy standpoint& consider it as
    >> a common sense question.
    > Because it helps the government as well. An anonymity network that
    > only the US government uses is fairly useless. One that everyone uses
    > is much more useful, and if your enemies use it as well that's very
    > good, because then they can't cut off access without undoing their own
    > work.

    BINGO, we have a winner! The original *QUESTION* posed that led to the
    invention of Onion Routing was, "Can we build a system that allows for
    bi-directional communications over the Internet where the source and
    destination cannot be determined by a mid-point?" The *PURPOSE* was for
    DoD / Intelligence usage (open source intelligence gathering, covering
    of forward deployed assets, whatever). Not helping dissidents in
    repressive countries. Not assisting criminals in covering their
    electronic tracks. Not helping bit-torrent users avoid MPAA/RIAA
    prosecution. Not giving a 10 year old a way to bypass an anti-porn
    filter. Of course, we knew those would be other unavoidable uses for
    the technology, but that was immaterial to the problem at hand we were
    trying to solve
    (and if those uses were going to give us more cover
    traffic to better hide what we wanted to use the network for, all the
    better...I once told a flag officer that much to his chagrin). I should
    know, I was the recipient of that question from David, and Paul was
    brought into the mix a few days later after I had sketched out a basic
    (flawed) design for the original Onion Routing.

    The short answer to your question of "Why would the government do this?"
    is because it is in the best interests of some parts of the government
    to have this capability... Now enough of the conspiracy theories...

    -Michael

  • Re:$110,000 (Score:1, Informative)

    by Anonymous Coward on Friday July 25, 2014 @06:07PM (#47535413)

    Russians are really cheap bastards. I suppose it is out of necessity.

    $110,000 is probably 1 night of gay hookers and blow for Putin.

You're already carrying the sphere!

Working...