Someone more knowledgeable than I should confirm or deny this, but my understanding was that TOR should be resilient to a single point attack like that. On the other hand, if they can watch packet timing on a significant fraction of intermediate nodes, there is a problem.
And, hypothetically, the FISA authorized box was only getting traffic from the one site, and not the entirety of network traffic. The room 641A attack is far more problematic.
As I understand it, TOR uses encrypted layers each of which tells the node where to send the partially unwrapped message on to.
So, if I encrypt something to, say, three layers and sent it to some TOR nodes:
1-2-3
1 knows it came from me and knows to send it to 2
2 knows it came from 1 and to send it to 3
3 knows it came from 2 and to send it to wherever
No one point on the system, IIRC, is meant to have the information necessary to compromise the entire chain. Though, if you could compromise a sizeable portion of the network, you'd be in with a significant chance of compromising any given message - which I find hard to believe that the government hasn't done.
And, hypothetically, the FISA authorized box was only getting traffic from the one site, and not the entirety of network traffic. The room 641A attack is far more problematic.