Russian government wants to crack Tor, offers $114,000 reward

Governments around the world have spent a great deal of time and effort trying to gain access to Tor, the global relay network that allows people to use the internet anonymously. Last year, America's National Security Agency - which has made a habit of sticking its nose into every corner of the digital world - credited Tor as "the king of high secure, low-latency anonymity", adding that "there are no contenders for the throne in waiting."

High praise indeed from the NSA, although Microsoft said more recently that it believes that the NSA and its UK counterpart, GCHQ, are capable, to some degree, of monitoring data sent and received by the Tor Browser, even though the network itself has not yet been cracked.

It seems that that's the goal that Russia's government has now set, as Sky News reports. Russia's Ministry of Internal Affairs has invited individuals and companies to find a way to crack the Tor network, allowing it to reliably decrypt the data that it carries.

Those wishing to enter the contest must pay a fee of 195,000 roubles (almost $5,600 USD), but the first person or group to crack the network will receive a prize of 4,000,000 roubles (just under $114,000 USD). Only Russian citizens may enter the contest, 'to ensure the defence and security of the Russian Federation'. 

There are around 200,000 Tor users in Russia, and as the government there seeks to impose greater control over internet usage and data storage, having thousands of users sending and receiving data anonymously is clearly something that it views as unacceptable.

This week, the Russian parliament approved a law requiring all online companies - including Facebook, Twitter, Microsoft and others - to store data related to Russian citizens in the country, under broader anti-terrorism legislation. Russia is also taking steps to discourage the use of foreign software, in favour of home-grown software solutions.

Source: Sky News 

Report a problem with article
Previous Story

Poll: What do you think the Windows Threshold retail name will be?

Next Story

Happy Sysadmin Day!

30 Comments

Commenting is disabled on this article.

How about the NSA can see any bit of data it wants, manipulate it on the wire, or manipulate the source including an originating server or a users computer, or dare I say.. A persons brain directly and in real-time. Collectively they can't, but the computing infrastructure can .. then makes you wonder why they're quadrupling the size of their existing build locations! I'd say they are well on the way to foreseeing future outcomes of most events to a high degree of accuracy. Now in my view what will be the next step once they can store in realtime, the output of "everyone's" thought processes. Perhaps a sharp increase of people around the world that are now hearing the voice of ahem 'God' (whose exactly ? ;-) ) But what sort of God could it be if the 'voice' (including many associative sound effects) can so easily be defeated by twisting one or both ears, to adjust the internal diameter of the ear canal.. thereby distorting of even eradicating such an effect... The RF hearing effect, The microwave hearing effect (invented years ago) but which had been tweaked to a very high degree of accuracy. Patent US 6470214 B1. How many times have you been talking to someone, and said while walking away "What did you say?" Only to have the other person say" I didn't say anything... Ever heard a bang or other sound, only to have others around say they heard nothing? There are some very complex (but dumb) algorithms driving what i can only imagine to be a state of the art quantum computer.

Enron said,
If you only knew. At the NSA, we have technologies even the conspiracy theorists haven't imagined yet.

And yet the NSA (of which you're not part of) can't even crack 16 years old encryption.

audioman said,

And yet the NSA (of which you're not part of) can't even crack 16 years old encryption.

That's just what you think. And I'm sure you expect me to believe that you're one of Dr. Wily's creations, running around with a name like audioman?

We all think all kinds of things, and some of us are right more often than others are. And no, sadly, I haven't had the pleasure of starring as a Mega Man boss.

Huh? Couldn't that backfire for Russia? It seems like a given that the hack would leak (especially if they don't develop the hack in-house, inside the government), and then this would only serve to improve Tor.

I'd love to see anyone crack Tor. There's a reason why its called the deep web, its a network of encryption after random routing after encryption after random routing. I suppose the way to do it would be to keep an eye on the end nodes because it's plaintext then, well unless your running https, then you've got another fun layer on-top.

The question for me would be, does the end node depend on your location of where it's routing to? For example, there's no point your end node being in France for example when the destination is in the US because it still has to be routed normally through to the US. So if the end nodes in Russia could be monitored through DPI, then you could grab a pretty good understanding of the traffic going through the Tor network.

Hehe Russia is being cheap. Tor for $114,000. And even that after a pooling? For a moment I thought this was from China.

Haha. Here's what I say. Crack Tor, share the vulnerability with Tor, work with them to intercept Russia, collect reward, Tor immediately patches their system.

Can I visit a website (ie. YouTube) as if I were based in the UK using Tor (from Australia), or is location set randomly?

From what i understand of the network the end node could be anywhere and this is very hard to know which node initiated the request. And this is what make it hard to try people using it in a court of law. I could be totally wrong of course. Be cautious though by using Tor the police could raid you even if you did not do anything wrong. From what i understand (could be wrong again) you could be while using Tor the end node accessing some illegal material and while of course it might not hold in a court of law it's enough for the police to get a warrant and raid you.

So we are playing the lottery with cracking / hacking now? Pay to play?... yeah sure.... if you want something put up a reward, don't say you have to pay to get a chance

well good luck, because such hack is worth more than that and the moment it happens it will certainly leak out and be patched.

Enron said,
Well at the NSA, we've already been monitoring Tor activity for a few years now.

You forgot the first rule of the NSA...

If I was Russian and had the ability to crack Tor, would I want to crack it for my government and stop anonymity in my country?

Redz0ne said,
If I was Russian and had the ability to crack Tor, would I want to crack it for my government and stop anonymity in my country?

Yes, and then you'd have the Russian Government host a public cracking contest to convince others that you'd not cracked it so everyone would continue on using it while data is being monitored.

yeah, sucked in, who do you think runs all these high bandwidth exit nodes, and knows only people who have something to hide will want to use them.

yep, the NSA owns and monitors them all! Good con job NSA! Get the criminals to come to you!

LogicalApex said,
So the hackers need to fund their own prize pool via an entry fee. I doubt good entries will be rushing to jump in...

It's entry fee. It's mandatory for all public tenders.