Someone more knowledgeable than I should confirm or deny this, but my understanding was that TOR should be resilient to a single point attack like that. On the other hand, if they can watch packet timing on a significant fraction of intermediate nodes, there is a problem.
And, hypothetically, the FISA authorized box was only getting traffic from the one site, and not the entirety of network traffic. The room 641A attack is far more problematic.
As I understand it, TOR uses encrypted layers each of which tells the node where to send the partially unwrapped message on to.
So, if I encrypt something to, say, three layers and send it to some TOR nodes:
1-2-3
1 knows it came from me and knows to send it to 2
2 knows it came from 1 and to send it to 3
3 knows it came from 2 and to send it to wherever
No one point on the system, IIRC, is meant to have the information necessary to compromise the entire chain. Though, if you could compromise a sizeable portion of the network, you'd be in with a significant chance of compromising any given message - which I find hard to believe that the government hasn't done.
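The layering described in the comment above, as an added example that is not part of the original thread: each relay strips one layer and learns only its predecessor and its next hop. The relay names, keys and SHA-256 keystream are assumptions, a toy stand-in for Tor's real circuit cryptography.

```python
import hashlib, json, os

def keystream_xor(key: bytes, data: bytes) -> bytes:
    # Toy stream cipher (SHA-256 in counter mode), an assumed stand-in for
    # real authenticated encryption. XOR makes it its own inverse.
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def wrap(route, keys, destination, message: bytes) -> bytes:
    # Build from the innermost layer outwards: the last relay's layer names
    # the destination, every earlier layer names only the next relay.
    hops = route[1:] + [destination]
    blob = message
    for relay, next_hop in reversed(list(zip(route, hops))):
        layer = json.dumps({"next": next_hop, "inner": blob.hex()}).encode()
        blob = keystream_xor(keys[relay], layer)
    return blob

def peel(relay, keys, blob):
    # A relay can open only the layer encrypted under its own key.
    layer = json.loads(keystream_xor(keys[relay], blob))
    return layer["next"], bytes.fromhex(layer["inner"])

def send(sender, route, keys, destination, message):
    # Walk the onion along the route and record what each relay can observe.
    blob = wrap(route, keys, destination, message)
    views, prev = {}, sender
    for relay in route:
        next_hop, inner = peel(relay, keys, blob)
        views[relay] = {"from": prev, "to": next_hop,
                        "sees_plaintext": message in inner}
        prev, blob = relay, inner
    return views, blob

if __name__ == "__main__":
    route = ["relay1", "relay2", "relay3"]          # constructed sample route
    keys = {r: os.urandom(32) for r in route}       # one key per relay
    views, delivered = send("me", route, keys, "wherever", b"hello from me")
    for relay, view in views.items():
        print(relay, view)
    print("delivered:", delivered)
```

Only the last relay handles the payload as the sender wrote it, and only the first relay sees the sender's address; no single entry in `views` contains both.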
From how I read it, he did that after the experience, when it wasn't under surveillance anymore (well, at least not from inside the datacenter), as a sort of atonement.
I think the only reasonable thing to do would be to somehow encourage (without directly encouraging) people to try a variety of "test traffic" on your box, with the subtly-concealed intention of rooting the fed's box with traffic addressed to your own box (and thus not "intentional", and done by other people anyway). For a "hacking contest" or something.