Slashdot Mirror

← Back to Stories (view on slashdot.org)

Russia's Plan To Crack Tor Crumbles

Posted by samzenpus on from the not-as-easy-as-it-looks dept.

mspohr writes: It looks like Russia's effort to crack Tor was harder than they anticipated. The company that won the contract is now trying to get out of it. Bloomberg reports: "The Kremlin was willing to pay 3.9 million rubles ($59,000) to anyone able to crack Tor, a popular tool for communicating anonymously over the Internet. Now the company that won the government contract expects to spend more than twice that amount to abandon the project. The Central Research Institute of Economics, Informatics, and Control Systems—a Moscow arm of Rostec, a state-run maker of helicopters, weapons, and other military and industrial equipment—agreed to pay 10 million rubles ($150,000) to hire a law firm tasked with negotiating a way out of the deal, according to a database of state-purchase disclosures. Lawyers from Pleshakov, Ushkalov and Partners will work with Russian officials on putting an end to the Tor research project, along with several classified contracts, the government documents say."

6 of 122 comments (clear)

  1. too hard or too cheap? by Anonymous Coward · · Score: 5, Insightful

    Sounds more like the problem was related to Russia only offering 60k for the effort.

    1. Re:too hard or too cheap? by gl4ss · · Score: 2, Insightful

      not being able to deliver and taking money is the norm in Russia's business post USSR, so there's nothing new there.

      seriously... it's one of the reasons the economy over there is so small compared to population.. and why people are still growing potatoes in the backyards out of absolute 100% necessity.

      it's also why finland has had to build their fucking water treatment plants for them to keep their (literal) shit out of the gulf of finland.

      --
      world was created 5 seconds before this post as it is.
  2. That's a shame... by TrimTabTim · · Score: 2, Insightful

    The cat and mouse game between black-hats and FOSS developers in the end usually just makes the code better. When I read the original article back in Feb, I kind of thought it would be cool if they found a few Tor vuln's to fix, even if they exploited them for a while before the public discovered them.

    But now Putin and his cronies are probably just going to get more aggressive with their anti-encryption stances, if that's even possible. It's all gonna backfire on them one day.

  3. Seriously? by Anonymous Coward · · Score: 2, Insightful

    59'000$ for something that the NSA (acording to Snowden) could not crack... Really?? Is Putin watching too much russian TV?!

  4. Re:Awwww! by bancho · · Score: 5, Insightful

    The American government pays better.

  5. Re:Ask the NSA by Anonymous Coward · · Score: 5, Insightful

    None of the stories about how the feds busted the silk road guy add up. It's already demonstrated that the whole "I connected to the server and it gave me a public ip" story was bullshit: the server configuration had been entered into evidence and people reconstructed the server and discovered that it did not, in fact, serve up a captcha with the real IP (in fact, due to a server misconfiguration, it would serve a mysql admin page.) Or the one about the guy having a box of fake IDs mailed to himself from Canada that just so happened to be opened by customs?

    The fact is, TORs developers openly admit that it is not secure against PRISM-level attacks that observe every packet on the internet. They cannot see what is in your packet, but they absolutely can see that your packet is sent to tor node A and 0.5ms later, a packet of the same size is sent to tor node B, which sends a packet of the same size to tor node C, and so on until it gets to the silk road or kiddieporn-r-us, or whatever. Then they can see the packets coming back the same route. This is all metadata. And to figure out where the silk road server is? Easy: they connect to it themselves and track their own packets.