Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Privacy Government Security Social Networks

Is Russia Trying to Deanonymize Tor Traffic? (zdnet.com) 85

A contractor for Russia's intelligence agency suffered a breach, revealing projects they were pursuing -- including one to deanonymize Tor traffic.

An anonymous reader shared this report from ZDNet: The breach took place last weekend, on July 13, when a group of hackers going by the name of 0v1ru$ hacked into SyTech's Active Directory server from where they gained access to the company's entire IT network, including a JIRA instance. Hackers stole 7.5TB of data from the contractor's network, and they defaced the company's website with a "yoba face," an emoji popular with Russian users that stands for "trolling..." Per the different reports in Russian media, the files indicate that SyTech had worked since 2009 on a multitude of projects.
In February ZDNet reported that Russia disconnected itself from the rest of the internet in a test -- and suggests today that it was a real-world test of one of these leaked "secret projects" from the Russian intelligence agency. But the other projects include:
  • Nautilus-S - a project for deanonymizing Tor traffic with the help of rogue Tor servers.
  • Nautilus - a project for collecting data about social media users (such as Facebook, MySpace, and LinkedIn).
  • Reward - a project to covertly penetrate P2P networks, like the one used for torrents.
  • Mentor - a project to monitor and search email communications on the servers of Russian companies.
  • Tax-3 - a project for the creation of a closed intranet to store the information of highly-sensitive state figures, judges, and local administration officials, separate from the rest of the state's IT networks.

ZDNet also reports that the Tor-deanonymizing project, started in 2012, "appears to have been tested in the real world," citing a 2014 paper which found 18 malicious Tor exit nodes located in Russia.

Each of those hostile Russian exit nodes used version 0.2.2.37 of Tor -- the same one described in these leaked files.


This discussion has been archived. No new comments can be posted.

Is Russia Trying to Deanonymize Tor Traffic?

Comments Filter:
  • Wow. (Score:5, Insightful)

    by Gravis Zero ( 934156 ) on Saturday July 20, 2019 @04:03PM (#58957548)

    35 AC posts before a single real post. Seems Russia doesn't like it's secrets getting out.

  • by LordWabbit2 ( 2440804 ) on Saturday July 20, 2019 @04:13PM (#58957580)
    The NSA has been doing this for years, Russia's trying to play catch up with Snowdens help. The article makes it sound like Russia is being "bad", if that's the case the USA has been "bad" for a number of years.

    This Russiafobia crap is getting on my tits. It's OK if the US interferes with another countries elections, or spies on everyone, or invades countries, but if anyone else does it they are the DEVIL!!!

    Just like this stupid app that ages peoples faces, "It's sending data to the Russians!!!" Just like every fucking iPhone/Android phone sent data to the the Americans!!! But of course, we can trust the Americans, they would never ever do anything bad with all the data they are collecting. Oh no, totally trustworthy. (That was sarcasm for you dimwitted Americans out there).
    • by Anonymous Coward

      Hey asshole, both governments are the enemy of the people. No government should be doing this crap.

    • by AHuxley ( 892839 )
      Reads like most advanced nations tax, state and federal police work.
      Only part police would hide real deep is their smartphone voice print database contractor :)
      This decades police and a nations gov/mil know of "social media" after years of http and ftp?
      Police/gov/mil have an interest in the origins of onion routing given NGO, other gov use of such networking.
      What nation does not have a list of its own companies?

      Would anyone in Russia approve paperwork to keep anything of interest with "contractors"
    • if that's the case the USA has been "bad" for a number of years. .. This Russiafobia crap...

      The difference is a lot of /.'ers live in the US, and the topic is that Russia is trying to inspect our tor traffic. If the current article was the CIA, then we'd surprisingly be just at outraged, but today's topic is Russia, and we're talking about some evidence that they're trying to deanonymize Tor traffic, collect social media info, penetrate P2P networks, and search email of private companies. If you have evidence of the CIA doing these things, don't post here - submit that as a new article! That's

    • Do the Americans kill journalists (numerous) that report on the corruption of politicians? Do the Americans kill political opponents? Do the Americans poison their exiled dissidents with polonium 210? Last I checked Snowden is still alive. Assange is also not dead. Many Americans would love to see those two dead but they are still breathing. Seems like you are trying to draw some kind of false equivalence here. The Americans are far from perfect but killing journalists and political opponents is bad,
      • Jeez this needs mod points so bad. The US (86/100) has a slightly worse reputation than West European countries (~93/100), but Russia is abysmal (20/100).

        With loyalist security forces, a subservient judiciary, a controlled media environment, and a legislature consisting of a ruling party and pliable opposition factions, the Kremlin is able to manipulate elections and suppress genuine dissent. Rampant corruption facilitates shifting links among bureaucrats and organized crime groups.

        https://freedomhouse.org/repor... [freedomhouse.org]

    • by Xenna ( 37238 )

      You're obviously confused. I'll help you. The people with the missiles pointed at you are the enemy. For anyone in the 'free West' that means (among others) the Russians.

  • It should be noted that 18 malicious Tor nodes is fucking nothing. The network has over 6000 relays, and you need to own at minimum 2 in the chain of 3 to deanonymise someone, and getting selected as a relay in someone's tunnel is absolutely based on luck and opportunistic rather than targeted.
    You also shouldn't be concerned about people attacking Tor in general. If it's possible to break Tor, then breaking it is a *good* thing, because in the long run it results in patches and improvements. Security by o
    • by AHuxley ( 892839 )
      Recall the US work with EgotisticalGiraffe, Quantum Cookie and FoxAcid server.
      The way to see people with Fairview, Blarney, Oakstar and Stormbrew.
      Collected with XKeyscore.
  • If they convince Betteridge first.

  • So is every other government on the planet in a country with a big enough budget to have a real Intelligence department.
    Also every sizeable criminal organization, I'm sure.
    • Exactly. Can you imagine the havoc they could cause if they penetrated it, captured a couple months of traffic, filtered it down to everyone with political connections in the US, and simply outed them all at once? Just the possibility is worth funding a small project to continually pursue it.
      • Also the reverse: use the 'dark web' to hide your own intelligence traffic. Look at how hard it's been tracking down drug trafficking sites and murder-for-hire sites that existed on the dark web, and those were relatively speaking amateurs compared to professional intelligence personnel.

As you will see, I told them, in no uncertain terms, to see Figure one. -- Dave "First Strike" Pare

Working...