7 comments

[ 6.6 ms ] story [ 25.0 ms ] thread
Massive Tor fan here but trying to think about this subject from a bad guy point of view...

Sometimes I think Russia is probably less likely to have the capability to have long term success at a technical method of attacking/blocking a tool such as Tor, then it would have at an attack on the people who maintain it. Ultimately most of it is still maintained by a relatively small group of [awesome!] people. From my experience of training NGOs/journalists etc there is a global increase in such clever methods of disruption being used by bad adversaries.

A sophisticated "gloves off" human intelligence operation to disrupt, deny and delegitimise the small group responsible for it would probably be a more cost effective and successful operation - and would probably play into Russia's strengths. I realise that some in UK and elsewhere have done this to some extent but I think Russia would probably capable of taking these efforts much, much further.

Noob here.

Upon reading the original bounty, which stated the purpose was "to study the possibility of obtaining technical information on users and users' equipment of Tor anonymous network..." Could it be possible that Russia's intentions with Tor are purely ethical? Perhaps verifying it's integrity or seeing with their own eyes the benefits before investing?

Really really doubt it. I would lean much more towards the Russian government wanting to be able to demask Tor users.
You're probably right. After thinking about it, why would Russia even bother unless it was to obtain something they didn't already have.

So the next question is, why abandon the efforts?

One thing to keep in mind when reading about government efforts to attack security software is that one part of the government may not have access to, or even know about, the capabilities of another part of the government. Or even capabilities of people within the same agency!
One hand not talking to the other = Every government ever... :)