The NY Times article is especially bad because the tool they’re talking about, whois, is included standard with Mac and Linux. It’s not scary spy software. Inspecting and blocking traffic on the fly isn’t supported by the article as far as I can tell
Sorry, the article is terrible but I couldn’t find better English articles. Here are couple of auto-translated articles with some technical details on said spy-boxes. I remember there was a great combined push of state-owned market majority ISP Rostelecom along with state’s truth agency Roskomnadzor to implement all of this, for the first it was to push out independent ISP’s who couldn’t afford any of it, and for latter to erase and block out any info that the government doesn’t like, e.g. protest movements. The pretense was that it was for protection against foreign threats and autonomous operation of Russian side of the internet in case of hostile actions from the west, which has a grain of sense - e.g. of the 13 root DNS servers, 10 are operated by US and the rest by it’s allies. But the fact that this was not a joint initiative with other countries who are not on good terms with the US, and that those tools were used to combat political opposition, tells that this was not at all the real reason for it.
In the case of that last link. He did go to jail for 20 days, but on the other hand, running Tor did literally save him from prison. This isn’t from that article but looking up his name, it seems he was cleared of all charges a week after he got out of jail and the judge’s reasoning was that because of Tor there wasn’t undeniable evidence
That’s a dangerous precedent though, that a person can be arrested and held for indefinite amount of time without any significant evidence - just based on IP address. And in Russia, the laws are often written backwards, like the religious people feelings law in response to pussy riot case, the veteran feelings law for Navalny, the meme laws… for everyone… and…
This case sounds like positive confirmation that if I rent a Russia VPS and use it for Tor, I’m not breaking any laws and don’t need to worry about regular downtime, which was the original premise.
If you are not located in Russia, and you are not a figure in Russian politics, you indeed have nothing to worry about, except for the downtime, and certain protocols and endpoints being unreachable… and having your business ruined, but I figure if you’re not planning on doing any if you don’t care about downtime.
Though, if you are a political figure, the advice would still be to not touch anything Russian even with a 10-foot pole
And finally, having someone’s root certificate does not at all stop you from encrypting data. It lets websites that have been verified by the issuer have a green check mark in Firefox. You likely have tens or hundreds of root certificates installed on your computer
This allows them to perform MITM attacks by connecting to the website on your behalf, decrypting it, then re-encrypting it with their own cert and you’d still get the checkmark. Do you ever click on it to see who issued the certificate? They can, and most definitely will use it to attack their political enemies. Currently, they’re still forcing users to install it by holding online payments hostage, but even if you don’t pay online, nothing stops them from forcing it on all outbound communications in the future.