LASTor is one good paper on AS awareness. I think the authors actually have implemented and released an AS aware Tor client. Yes it is very bad for US citizens, because if your entry node is outside of the US then all of that traffic is definitely vulnerable to NSA interception, and then if your exit node is also not in the US but your destination site is, all of that traffic coming back into the US is vulnerable to NSA interception as well and then you are vulnerable to a timing attack. Being in the USA with an entry guard outside of the USA and an exit node outside of the USA, in addition to having a destination site inside of the USA, definitely makes you vulnerable to the NSA. They are monitoring international traffic more than anything else I imagine, until recently they were only thought to be legally allowed to monitor international traffic. This doesn't factor in the reality that Narusinsight boxes can be made to only target traffic from specific IP addresses, and that the list of Tor relay IP addresses is public. If they want to attack Tor they don't give a shit about the terabytes of data per second crossing the border, they just hone in on *Tor* traffic crossing the border. A single Narusinsight box can monitor 1GB/s of targeted traffic, and there are dozens of these things installed at major internet exchange points across the USA, and they are capable of analyzing the monitored traffic in real time. The conclusion that the NSA can do major damage against Tor seems quite obvious to me. Tens of thousands of simultaneous circuits don't matter because they are all involved only a few thousand IP addresses, and those IP addresses can be targeted, and it is obvious that a single Narusinsight box is capable of monitoring 100% of US Tor traffic that passes through it. Doesn't really apply when we are talking about attackers of this level. They can analyze half of the haystack in real time and quickly detect the metal they are looking for.