My suspicion is essentially the opposite: Tor is secure, but the two high profile arrests (Freedom Hosting and Silk Road) where given priority to make the general public a.) feel that the entire function of Tor is illegal and often repulsive activity b.) that Tor is not safe.
The latter part of that theory, that law enforcement agencies intentionally stepped up the resources for both the FH and SR cases in order to intentionally create disgust and distrust of Tor, is of course merely conjecture. Basically I find it an amazing coincidence that the two most notorious parts of the Tor hidden service world where busted very quickly after a huge amount of positive public attention was brought to Tor right after the Snowden leaks. Additionally if you actually look at the details of the FH exploit the FBI unleashed it is fairly useless, but very terrifying when you read just the headline. Legally there seems no useful reason to use such an easy to discover exploit that would have delivered no particularly interesting information. However from the stand point of creating public fear it worked marvelously. If you talk to even technical people that don't understand security and Tor well they often assume that the feds "hacked Tor". Which, in my opinion, is exactly what state actors want people to think.
As for the former part of the claim, that Tor is secure, look at the Snowden leaks about the methods that the NSA was thinking about for attacking Tor. Egotistical Giraffe, the attack used on FH, as mentioned was not a particularly useful exploit, and attacks user behavior not the network. Other similar leaks also suggest that neither the NSA nor any other state agency, has the ability to completely compromise Tor.
Finally,if you are a state agency and you have completely compromised Tor, you would actually want the general public to think it is safe. It is an amazing advantage to have your adversary think they are on a secure line when they absolutely are not. On the other hand if you haven't (and probably can't) compromised Tor you want the majority of people to think you have so that they disregard one of their best tools for defense.
Now of course there is plenty of evidence that federal agencies can perform targeted timing attacks against specific individuals. Tor does not and really cannot guard against this, and this has always been the case and fairly well known. If a state agency is targeting you specifically, I don't think there is anything you can do. However, given the information that is available to us, I do think it's reasonable to assume that Tor is secure from general, large scale, untargeted surveillance.
You don't address my specific point; namely that it is not only possible but relatively inexpensive for any nation-state to compromise users' anonymity on Tor en masse not by cracking its cryptography but by running >50% of the nodes themselves.
a bit of a pedantic note: If you want to control 50% of the servers by adding servers, you actually have to double the total server count... ie, 8k servers now, if you want to control 50% you have to add 8k of your own servers for 16k total servers ...
Indeed, but my proposition is that they already did that, some time ago. It's just such a small amount of money that it seems unlikely that they _didn't_ do this.
The latter part of that theory, that law enforcement agencies intentionally stepped up the resources for both the FH and SR cases in order to intentionally create disgust and distrust of Tor, is of course merely conjecture. Basically I find it an amazing coincidence that the two most notorious parts of the Tor hidden service world where busted very quickly after a huge amount of positive public attention was brought to Tor right after the Snowden leaks. Additionally if you actually look at the details of the FH exploit the FBI unleashed it is fairly useless, but very terrifying when you read just the headline. Legally there seems no useful reason to use such an easy to discover exploit that would have delivered no particularly interesting information. However from the stand point of creating public fear it worked marvelously. If you talk to even technical people that don't understand security and Tor well they often assume that the feds "hacked Tor". Which, in my opinion, is exactly what state actors want people to think.
As for the former part of the claim, that Tor is secure, look at the Snowden leaks about the methods that the NSA was thinking about for attacking Tor. Egotistical Giraffe, the attack used on FH, as mentioned was not a particularly useful exploit, and attacks user behavior not the network. Other similar leaks also suggest that neither the NSA nor any other state agency, has the ability to completely compromise Tor.
Finally,if you are a state agency and you have completely compromised Tor, you would actually want the general public to think it is safe. It is an amazing advantage to have your adversary think they are on a secure line when they absolutely are not. On the other hand if you haven't (and probably can't) compromised Tor you want the majority of people to think you have so that they disregard one of their best tools for defense.
Now of course there is plenty of evidence that federal agencies can perform targeted timing attacks against specific individuals. Tor does not and really cannot guard against this, and this has always been the case and fairly well known. If a state agency is targeting you specifically, I don't think there is anything you can do. However, given the information that is available to us, I do think it's reasonable to assume that Tor is secure from general, large scale, untargeted surveillance.