Announcement

Collapse
No announcement yet.

Russia Posts $110,000 Bounty For Cracking Tor's Privacy

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Hacc
    replied
    Hopefully, it was those researchers systems that were doing this and not a government agency. It's still not good on their part, but who knows what will happen with the data collected. They might discard it... err... who am I kidding? Cue Bobby Womack's Jealous Love. That should be the theme song for the Tor/Tails/etc group vs. government agency battle.

    Leave a comment:


  • dlevere
    replied
    Internet privacy service Tor warns users it was attacked

    By Jim Finkle

    BOSTON Reuters - Tor, the Internet privacy protecting service, said on Wednesday it discovered a compromise on its network that indicated somebody was trying to monitor the activity of its users.

    "While we don't know when they started doing the attack, users who operated or accessed hidden services from early February through July 4 should assume they were affected," Tor said in a blog entry.

    Tor is an anonymity tool designed to protect the identity of Internet users by routing traffic through multiple nodes around the globe. It is used by human rights activists, criminals and others looking to evade surveillance.

    The blog post said that it was not sure how much information the attackers were able to obtain in their efforts to monitor traffic on Tor.

    It advised users to upgrade to the latest version of its software, which addresses the vulnerability that the attackers had exploited in this particular case, but said that may not guarantee the anonymity of users.

    "Remember that preventing traffic confirmation in general remains an open research problem," the blog said.

    Tor revealed details of the attack after researchers at Carnegie Mellon University said they had developed a method of identifying hundreds of thousands of Tor users.

    Those researchers had planned to detail their technique at next week's Black Hat hacking conference in Las Vegas. The university canceled the talk after Tor developers complained to Carnegie Mellon.

    Leaked National Security Agency documents show that the NSA has logged the IP addresses of many Tor users and may have scanned emails for users living outside of the United States and its four closest intelligence allies, German media reported earlier this month.

    (Additional reporting by Joseph Menn in San Francisco; Editing by Bernadette Baum)

    Leave a comment:


  • Hacc
    replied
    It was a child porn sting, Pyriel. You're right about the spyware, but they also exploited a memory management vulnerability in FF (TBB) to uncloak them (Source). I wouldn't be the least bit surprised if they cracked it in some fashion (didn't look at the docs long enough to confirm) or already, though.
    Last edited by Hacc; 07-27-2014, 07:56:17 PM.

    Leave a comment:


  • Pyriel
    replied
    I'm pretty sure the Silk Road has been rumbled at least twice. I know you're right about one of them, which was the last time around, and the guy had all manner of unencrypted crap on his laptop including his attempts to hire hit-men to eliminate people who'd crossed him. Which somehow wasn't immoral, but the free-market at work.

    My memory of it's a bit foggy, so maybe it wasn't in reference to a Silk Road take-down, but I remember reading somewhere about Tor nodes essentially being compromised with spyware, and in some instances the code had been inserted into aspects of the Tor software and/or the OSes of nodes. It wasn't like the FBI had reverse-engineered it so thoroughly that they could monitor everything remotely in real-time or anything, they just had the ability to log traffic through certain nodes and tie it back to an actual IP address.

    Leave a comment:


  • Helder
    replied
    There was a thread about the silkroad and it was someone who got caught that gave clues to who runs it and they tracked things back to the guy not through the Tor but regular net.

    Leave a comment:


  • Pyriel
    replied
    Certainly the FBI has been able to break some aspects of it. IIRC, that was how the Silk Road got shutdown in one of its incarnations.

    Leave a comment:


  • 47iscool
    replied
    Originally posted by Helder View Post
    US government spends millions trying to crack it and they expect to have it cracked for 110k?
    IIRC the NSA already have.

    Leave a comment:


  • Helder
    replied
    US government spends millions trying to crack it and they expect to have it cracked for 110k?

    Leave a comment:


  • 47iscool
    replied
    Idiots.

    Leave a comment:


  • bungholio
    replied
    I had blindly assumed they already had that considering their reputation for hackers.

    Leave a comment:


  • dlevere
    started a topic Russia Posts $110,000 Bounty For Cracking Tor's Privacy

    Russia Posts $110,000 Bounty For Cracking Tor's Privacy

    Posted by Soulskill

    hypnosec writes:

    "The government of Russia has announced a ~$110,000 bounty to anyone who develops technology to identify users of Tor, an anonymizing network capable of encrypting user data and hiding the identity of its users.

    The public description (in Russian) of the project has been removed now and it only reads "cipher 'TOR' (Navy).

    The ministry said it is looking for experts and researchers to "study the possibility of obtaining technical information about users and users' equipment on the Tor anonymous network."
Working...
X