[thyrsus]

Someone more knowledgeable than I should confirm or deny this, but my understanding was that TOR should be resilient to a single point attack like that. On the other hand, if they can watch packet timing on a significant fraction of intermediate nodes, there is a problem.

And, hypothetically, the FISA authorized box was only getting traffic from the one site, and not the entirety of network traffic. The room 641A attack is far more problematic.

[gizmo686]

TOR is resilient to a single point. However, if an adversary can compromise both the entrance and exit node, then they can de-anonomize the traffic.

[6d0debc071]

As I understand it, TOR uses encrypted layers each of which tells the node where to send the partially unwrapped message on to.

So, if I encrypt something to, say, three layers and sent it to some TOR nodes:

1-2-3

1 knows it came from me and knows to send it to 2

2 knows it came from 1 and to send it to 3

3 knows it came from 2 and to send it to wherever

No one point on the system, IIRC, is meant to have the information necessary to compromise the entire chain. Though, if you could compromise a sizeable portion of the network, you'd be in with a significant chance of compromising any given message - which I find hard to believe that the government hasn't done.