> To bolster your argument in a non-technical way: if Tor made users untrackable by US intelligence, would US intelligence really keep funding it?
Maybe; if US intelligence's high-value targets can be targetted by means that Tor does not protect (compromising endpoints, emissions-based techniques, etc.), and Tor provides US intelligence agents a way to exfiltrate information in a way immune to any but more involved, specifically targetted techniques, it might still be valuable to both have Tor exist and have it used by enough people not on US intelligence payroll that it's mere use didn't finger people as agents.
You have to remember that US intelligence does more than monitor people's communications, it also needs communication channels that are accessible, unmonitored, and deniable for its own agents.
Right, that's the theory, and certainly they do need users on Tor to create noise for their own agents. But considering their nonstop drive to weaken other forms of encryption and insert backdoors, I'd be a little bit cautious about taking that at face value if I wanted to start the next Silk Road.
" if Tor made users untrackable by US intelligence, would US intelligence really keep funding it?"
On top of dragonwriter's answer, I'll point out that "U.S. intelligence" doesn't exist as one entity in the way you ask that question. There are a number of groups that cooperate in some ways and compete or just diverge in others. The NSA and FBI want Tor cracked the most to find their targets. Whereas, the State Dept and/or the CIA that back Tor's funding want to protect both dissidents and assets overseas from state-level agencies monitoring communications. They need it to be unbreakable for some set of nation-state attackers.
Now, that doesn't mean that it needs to be unbreakable for the NSA, etc. The original guidance I read on Tor even warned that global adversaries would probably break it. The Many Eyes collaborations have visibility into a lot of the network. They're probably also honeypotting it with high-bandwidth links. It's also written in a tricky protocol in unsafe language on OS's done similarly running untrustworthy apps. They'll probably always have attacks on it for at least worthwhile targets even if State and CIA don't want that. It will still be valuable in many threat models, including NSA if combined with other methods. Especially if about delaying rather than permanently denying them info.
Of course it is true that US intelligence is far from monolithic, but I think it's a useful-enough abstraction for the purpose of thinking about the issue.
Maybe; if US intelligence's high-value targets can be targetted by means that Tor does not protect (compromising endpoints, emissions-based techniques, etc.), and Tor provides US intelligence agents a way to exfiltrate information in a way immune to any but more involved, specifically targetted techniques, it might still be valuable to both have Tor exist and have it used by enough people not on US intelligence payroll that it's mere use didn't finger people as agents.
You have to remember that US intelligence does more than monitor people's communications, it also needs communication channels that are accessible, unmonitored, and deniable for its own agents.