Is Russia Trying to Deanonymize Tor Traffic? (zdnet.com) 85
A contractor for Russia's intelligence agency suffered a breach, revealing projects they were pursuing -- including one to deanonymize Tor traffic.
An anonymous reader shared this report from ZDNet: The breach took place last weekend, on July 13, when a group of hackers going by the name of 0v1ru$ hacked into SyTech's Active Directory server from where they gained access to the company's entire IT network, including a JIRA instance. Hackers stole 7.5TB of data from the contractor's network, and they defaced the company's website with a "yoba face," an emoji popular with Russian users that stands for "trolling..." Per the different reports in Russian media, the files indicate that SyTech had worked since 2009 on a multitude of projects.
In February ZDNet reported that Russia disconnected itself from the rest of the internet in a test -- and suggests today that it was a real-world test of one of these leaked "secret projects" from the Russian intelligence agency. But the other projects include:
An anonymous reader shared this report from ZDNet: The breach took place last weekend, on July 13, when a group of hackers going by the name of 0v1ru$ hacked into SyTech's Active Directory server from where they gained access to the company's entire IT network, including a JIRA instance. Hackers stole 7.5TB of data from the contractor's network, and they defaced the company's website with a "yoba face," an emoji popular with Russian users that stands for "trolling..." Per the different reports in Russian media, the files indicate that SyTech had worked since 2009 on a multitude of projects.
In February ZDNet reported that Russia disconnected itself from the rest of the internet in a test -- and suggests today that it was a real-world test of one of these leaked "secret projects" from the Russian intelligence agency. But the other projects include:
- Nautilus-S - a project for deanonymizing Tor traffic with the help of rogue Tor servers.
- Nautilus - a project for collecting data about social media users (such as Facebook, MySpace, and LinkedIn).
- Reward - a project to covertly penetrate P2P networks, like the one used for torrents.
- Mentor - a project to monitor and search email communications on the servers of Russian companies.
- Tax-3 - a project for the creation of a closed intranet to store the information of highly-sensitive state figures, judges, and local administration officials, separate from the rest of the state's IT networks.
ZDNet also reports that the Tor-deanonymizing project, started in 2012, "appears to have been tested in the real world," citing a 2014 paper which found 18 malicious Tor exit nodes located in Russia.
Each of those hostile Russian exit nodes used version 0.2.2.37 of Tor -- the same one described in these leaked files.
Re: (Score:2)
At this stage illegal activities are probably finding other channels than TOR. If you don't move you will get caught.
Re: (Score:1)
Re: (Score:1)
Re: This why you use (Score:2, Informative)
Tor over VPN obscures the fact your IP is using tor at all... assuming your VPN of choice is itself secure.
Re: (Score:1)
While I salute your dedication to privacy, that's not necessary at all. Tor is at its heart 3 VPNs in a row, so all you're achieving is slowing down your traffic.
He's right it is totally necessary and common misconception I see a lot that tor is a privacy tool. Tor is anonymity tool NOT privacy tool. When used correctly it does its job really well but many seem to think it is like using a vpn when it is far from it as the traffic is visible to all the middlemen thus the vpn. For example if 99% of the postal mail was postcards or clear envelopes then to be anonymous/blend in you'd send your sensitive mail in the same form, that message on the postcard is anonymous if
Wow. (Score:5, Insightful)
35 AC posts before a single real post. Seems Russia doesn't like it's secrets getting out.
Re: (Score:1)
Sounds like the NSA (Score:5, Insightful)
This Russiafobia crap is getting on my tits. It's OK if the US interferes with another countries elections, or spies on everyone, or invades countries, but if anyone else does it they are the DEVIL!!!
Just like this stupid app that ages peoples faces, "It's sending data to the Russians!!!" Just like every fucking iPhone/Android phone sent data to the the Americans!!! But of course, we can trust the Americans, they would never ever do anything bad with all the data they are collecting. Oh no, totally trustworthy. (That was sarcasm for you dimwitted Americans out there).
Well tell Paul Manafort's gout when you see him. (Score:1)
“'Charging the president with a crime was an option we could not consider,” Mueller said.
“If we had had confidence that the president clearly did not commit a crime, we would have said so,” Mueller added.
“We did not however make a determination as to whether the president did commit a crime.”
Mueller said “it would be unfair” to accuse someone with a crime who can’t defend himself at trial, emphasizing that he was following a Justice Department policy aga
Re: (Score:2)
Re: Sounds like the NSA (Score:1)
Hey asshole, both governments are the enemy of the people. No government should be doing this crap.
Re: (Score:2)
Only part police would hide real deep is their smartphone voice print database contractor
This decades police and a nations gov/mil know of "social media" after years of http and ftp?
Police/gov/mil have an interest in the origins of onion routing given NGO, other gov use of such networking.
What nation does not have a list of its own companies?
Would anyone in Russia approve paperwork to keep anything of interest with "contractors"
Re: (Score:2)
if that's the case the USA has been "bad" for a number of years. .. This Russiafobia crap...
The difference is a lot of /.'ers live in the US, and the topic is that Russia is trying to inspect our tor traffic. If the current article was the CIA, then we'd surprisingly be just at outraged, but today's topic is Russia, and we're talking about some evidence that they're trying to deanonymize Tor traffic, collect social media info, penetrate P2P networks, and search email of private companies. If you have evidence of the CIA doing these things, don't post here - submit that as a new article! That's
Re: (Score:2)
Re: (Score:2)
With loyalist security forces, a subservient judiciary, a controlled media environment, and a legislature consisting of a ruling party and pliable opposition factions, the Kremlin is able to manipulate elections and suppress genuine dissent. Rampant corruption facilitates shifting links among bureaucrats and organized crime groups.
https://freedomhouse.org/repor... [freedomhouse.org]
Re: (Score:2)
You're obviously confused. I'll help you. The people with the missiles pointed at you are the enemy. For anyone in the 'free West' that means (among others) the Russians.
Doesn't matter, maybe even good (Score:1)
You also shouldn't be concerned about people attacking Tor in general. If it's possible to break Tor, then breaking it is a *good* thing, because in the long run it results in patches and improvements. Security by o
Re: (Score:2)
The way to see people with Fairview, Blarney, Oakstar and Stormbrew.
Collected with XKeyscore.
Sure (Score:2)
If they convince Betteridge first.
What a dumb question, of course they are! (Score:2)
Also every sizeable criminal organization, I'm sure.
Re: (Score:2)
Re: (Score:2)