
Honestly I wasn't aware of Haystack's security issues, but http://haystacky.s3.amazonaws.com/www.oblomovka.com/wp/2010/... cleared up a bunch of it.



I read that article too and it only gave me more questions. Sure, the owners wouldn't know who was using the system and couldn't lock them out. That seems to be the whole point of anonymizing software? Why does that make it insecure? If those are the only reasons, I don't see why that makes it unsuccessful software (I personally have big doubts about their claims for anonymizing traffic, but the oblomovka article doesn't answer those questions.)


The article seems purposefully thin on details, but there are a couple of points here:

1. The owners/maintainers thought that it was possible to lock out specific people/clients, but this is obviously not the case.

2. The owners/maintainers think that it's impossible to have unauthorized clients using the system, but this is obviously not the case.

Either the owners/maintainers are incompetent, or the system is not functioning as it was designed to. This makes it all the more likely that 'nefarious' forces can infiltrate (or already have infiltrated) the system and snoop on users.

A system that is relying heavily on secure design should not be considered to be 'working' when it is not functioning as the designers believe that it should be.



