Is what you are stating that they would passively monitor with or without the knowledge of the owner of the entry guard?
My understanding is that there have been for many years 'secret' rooms at the major ISP hubs where three letter agencies have plugged in and run deep packet inspection of ALL traffic that flows through the switches. This has been done without any judicial oversight (warrants).
With that sort of complete coverage of the internet, I wonder if they already have the capability of passively monitoring entry guards based in the USA. Given that apparently all USA internet data is DPI'd, they already have the packets in their 'haul'; it would just be a matter of being able to identify the relevant packets on both sides in real time.
The currently available data indicates that the NSA cannot actually monitor all USA traffic in real time, much less global traffic. There is a bit of literature on this and also some educated guesses based on leaked information. Probably nobody knows for certain. One paper that has discussed the abilities of agencies such as the NSA is called Global Spying: Realistic Probabilities in Modern Signals Intelligence. I used to be convinced of the legitimacy of this; however, I find anything with Steve Topletz's name on it to be worthy of taking with as many grains of salt as possible. Recently I have been shown some alleged technical details about the NSA monitoring systems that had leaked their way to Wikileaks. They indicated that the NSA is only capable of sampling large amounts of traffic, not performing real time traffic analysis. Additionally, this is the view that I find to be most common in the academic anonymity circles. Outside of the academic anonymity world, which consists almost exclusively of Tor, there exist several camps who have received little or no attention from the research community (I2P people, for example). I find that the people who are not part of the academic community tend to estimate the NSA as being an all powerful attacker, whereas people in the academic world seem to think of them more as a very strong but not all powerful attacker, or even a global passive attacker. Here is a paper that discusses the level of luck the NSA will have against Tor traffic if they sample traffic rather than monitor the entire internet in real time from their spy centers.
Sampled Traffic Analysis by Internet-Exchange-Level Adversaries
http://petworkshop.org/2007/papers/PET2007_preproc_Sampled_traffic.pdf
One thing to keep in mind as well is that it doesn't matter if the NSA can't passively spy on 100% of the internet so long as they can passively spy on 100% of Tor. That might be a lot easier for them. Not much stops even the feds from being proactive against Tor: they only need a good faith feeling that a pen register will aid in a criminal investigation for them to use a pen register (easily carried out thanks to CALEA compliance of the equipment at ISPs). If they ever make the case that monitoring Tor nodes is inherently beneficial to criminal investigations, I can conceive a scenario in which they are not restricted at all from performing dragnet passive spying on all Tor nodes in the USA. I believe that they can gather enough information with a pen register to perform a timing attack if they monitor entry and exit positions; CALEA has a list of requirements that includes them being able to monitor the timing information of communications. This is not the same thing as a wiretap either; they are interested in which computers talk to which computers, when, how, how much and how frequently, not in what the computers actually say to each other. Most of the language of the current law regarding such things was written with traditional telephone systems/networks in mind and probably not with such advanced attacks in mind, but these laws still cover the entire USA's internet infrastructure.
I believe that the new 2 billion Utah data center is being built not only for breaking encryption keys but also for traffic analysis on an unprecedented scale.
Quite likely they will use their new data center to datamine extremely massive collections of traffic information (as well as extremely massive collections of a lot of different things, like cellphone positioning information). The NSA is the primary agency responsible for both cryptography and signals intelligence; my guess is that, with modern encryption being what it is, they will focus more on signals intelligence, although I suppose quantum computing is a serious threat to almost all currently used encrypted communications systems.
Also, your response begs the question... if you believe it to be so relatively easy for a three letter agency to locate and then passively monitor a hidden service for even years before taking it down, how can you have any real faith that it has not happened already?
I do not have any solid faith that it has not happened already. I try to keep up with what is current in the federal agent level scene as much as possible though. I look up their case studies against cyber crime groups. I look for as much information on them as I can find via as many ways as possible. Sometimes there will be an academic paper discussing a law enforcement traffic analysis system. At least their technological abilities that are not guarded as secret, I know about. I have even read some pretty detailed 'for official use only' LE documents; they sometimes make informational material to educate their officers about modern trends in cyber crime and how they can attempt to go about combating it. A lot of different things have leaked or been carelessly put out by LE over the years; one recent example is that internal LE paper about SR and its leaking to SR, which is hilarious and something I find totally believable given the care that I have seen LE give to protecting their FOUO documents. When all of this information is analyzed as a whole, I see that the trend is that law enforcement agencies around the entire world are totally out of touch with modern times. They don't have strong computer units; the local police agencies that have forensics labs are carrying out extremely basic and easily countered forensic operations. The feds seem to largely do a lot of the same thing as local police forces, although they step it up a bit. Local police will power down your encrypted drives for you after raiding you; federal police are starting to catch on to the fact that volatile memory is the primary target and it needs to be obtained and analyzed as quickly as possible to have a chance at carrying out a traditional cyber forensic investigation against an even mildly technically skilled target.
They still have not gotten this message into the heads of all of their agents around all of the world, but it is something that starts to happen more and more in the reports of raids for cybercrime targets. However, one serious threat is the very real risk of skilled groups creating sophisticated software and selling it to the police. There have already been several examples of private industry working in association with law enforcement groups in order to create more advanced policeware for them. One nice thing that counterbalances this risk is the fact that intelligence and military agencies are in the market for many of the same tools/programs/etc. as the police agencies are, but they are capable of paying a shitload more and they want their abilities to be shared by no others besides themselves. This will naturally keep police forces from being able to get the most cutting edge forensics / counter-security talent and tools.
So essentially, even though I do not think they are technically limited from doing a lot more than they do, I think that they are limited in other ways. They are limited in that they want to make busts, and it isn't going to lead to as many busts for them if they take the time required to go after secured targets. I think that they have some system for allocating their resources. It is apparent they run two types of operation, targeted and dragnet. There is certainly a targeted operation against the people who run Silk Road and the largest vendors here; an international team of agents and Interpol are very likely to be trying to find the top vendors and the people running SR. Other people on SR are less important to them; they would be the target of a dragnet attack ("We can arrest some percent of them, so let's throw out a net and see which people we can get" instead of the targeted operations' "Let's get this group of high value targets"). They pick the targets of their targeted operations by the extent of the crime they have committed; for example, they are not going to have a special team dedicated to busting the local drug dealer selling ten sacks on the corner. But they probably will for a group of people who have embarrassed them, especially since they have illegally made millions of dollars in the process. They don't select who they bust in a dragnet attack; they throw out bait or you get an unlucky draw on entry guard, and then they have got you. They might not even care about you, or they might care enough to send your local cops after you; generally, if they have limited resources, they will sort the people caught in their dragnet by the extent of their crime(s) and allocate resources to go after them in that order.
This is very evident in CP cases on public P2P networks: they cannot even go after more than 1% of the people they identify sharing CP in any given year due to hard manpower limitations, so they generally sort the IP addresses detected by the sort of CP the offender shared and their likelihood of offending based on the discoveries (this can be automated with computers and various neat tricks. For example, if you have shared a book on how to molest kids and get away with it, or child grooming materials, you will move to the top of the list, as it is far more likely that you will / have molested a child than if you shared a pic of some 16 year old flashing her camera phone).
I know enough about the technical workings of the Tor network to know you are correct in what you say, only I had never conceived of the methods of compromise you describe before, and frankly I'm now very concerned about whether the road actually remains 'hidden' and is not indeed being passively monitored in the manner you describe, to the point I may discontinue coming here. I mean, there is simply no way to verify that such a compromise has not occurred, and it's entirely within the realm of possibility that it has.
You must be of the opinion that the road remains hidden, otherwise you would not be here; can you elaborate on your reasons for believing that please?
Sorry if this post is a bit all over the place, I have to sleep now so have rushed writing it.
I am of the opinion that federal police are not trying very hard to break Tor. I also am of the opinion that even after they try very hard to break Tor, they will not be able to immediately deanonymize very many people. They will get X people over Y time, like I said before. I can't particularly guess as to the value of X or Y without knowing how they go about carrying out any attack they do. I can certainly imagine situations where they could do substantial damage against Tor with very little legal resistance or much in the way of expense, but if it is as easy as it seems, the question remains why have they not done this? There have been cases of serious fucking psychopaths using Tor to protect themselves from LE while doing some truly detestable shit that would certainly have them as some of the highest targets; and they are not traced via attacks on Tor but rather by very time consuming and more traditional detective work.
Additionally, I don't buy drugs or sell drugs here, and I don't keep more than personal use amounts of drugs on me at any given time. They probably suspect me of quite some things, but they will have trouble proving anything against me in court, and honestly I just don't think that I am currently a very valuable target to them. I think if I was running SR I would be a little more paranoid, but I have had some fun doing erm... administrative work of my own over the years, and I certainly think DPR can stay quite safe. My opinion is that it never hurts to combine using Tor with using WiFi from random locations and not traveling with a car or while carrying a cellphone on your way to the WiFi location.