[brudgers]

Tor was developed by the US Naval Research Laboratory as a munition (that's the strong view of cryptography and developing munitions is what NRL does). There are a number of assumptions baked into it's design. Among them is hygiene appropriate when handling munitions in the external operating environment.

Viewed as a munition, the fact that Tor source code was opened up more than a decade ago but well into the post-Patriot act era suggests that its direct value as a munition had become less significant. However, since the release seems to have had the effect of retarding development of alternatives for some years, this might be seen as an indirect value of Tor as a munition.

Practically speaking, Tor on its own and absent an ecosystem of serious security hygiene, is likely to leak data to an attacker with targeted intelligence and barely non-trivial technical means. Because relatively few people have the will and the technical skill and the need to do all the other things that are required to use Tor in a secure manner.

Or to put it another way, in the context of the GWOT, it seems likely to me that Naval Research Labs only provided a free and unlimited crytpographic munition only because it could readily defeat its use by adversaries.