
Yup, UK next.


Race you

edit: in the interests of clarification, this means I expect to see attacks on Tor within the US before the UK.


The US is too busy using TOR as a honeypot and offensive weapon to shut down access.

TOR actually amplifies the asymmetry between the NSA and smaller actors: the NSA by owning the whole network can easily break it, but it prevents smaller players from getting the same access.

Of course, the FBI seem to routinely compromise TOR sites they don't like.


Usually via traditional investigative means.


And then they exploit Firefox bugs to drop phone-home malware on users. But so far, it's only been Windows malware :) And it relies on bypassing Tor's socks proxy.


If you truly wanted anonymity why wouldn't you buy a $35 raspberry pi and stuff it between your computer and the internet and route all traffic through it through tor? Too many zero days out there in browsers, flash, java, office not to mention configuration slip ups that could nullify your tor protection.


"buy a $35 raspberry pi and stuff it between your computer and the internet and route all traffic through it through tor? Too many zero days out there in browsers, flash, java, office"

How does Raspberry Pi help here? If it routes traffic at IP level, it will be transparent at an application level. Firewall/IDS won't help against zero days either.


It's trivial to use iptables to block all traffic except to the SOCKS proxy port on Tor, or even forcibly redirect it all through Tor directly using the transparent proxying support.


You can do all that on a host PC as well. I still don't see what additional layer of security Raspberry Pi adds here. Or am I missing something?


The idea is that even if the host PC is pwned the Pi will still route the traffic from it via Tor.


If the host PC is pwned then it can still disclose useful information about itself (files, Geo locations, mac addresses) - it will just be routed over TOR.


True. So it must not contain anything that's associated with you, in any way. Buy with cash. No geolocation data. Dedicated LAN. No sneaker net sharing. Compartmentalization.


Totally agreed. I nearly edited my comment yesterday to include this actually.

It is just one potential brick in your security wall.


Indeed. People are wrong with such confidence these days.


Yes, that's a serious problem. But being wrong in parent's direction isn't so bad ;) Over-engineering and prudence is my mantra.


Raspberry's firmware is not Open Source, that's why. Might just as well be full of vulnerabilities and/or backdoors.


Because:

1) Pi only supports about 6MB/s on its ethernet port, meaning that you get 3MB/up and 3MB/down

2) TOR itself is just super slow, so why am I paying for a 350Mbps connection?

3) Most VPN services are fast enough for the above bandwidth, and offer sufficient security against state-based snooping.


Weren't most of the services they took down because of the CMU deanonymization attack?

They also claim Silk Road was classical hacking, but given what we know of parallel construction and their vagueness in describing their locating of the servers, we can't really know what happened there.



