We all know the story: The NSA has tried and failed many times to crack Tor, so rather than try and peel the onion, now they're looking to find out who's shopping for onions. From the Verge:
As explained on the site of German broadcasters WDR and NDR, the rules monitor servers in Germany and elsewhere that host Tor directory authorities, which contain a list of all the service's relays; a comment explains that the "goal is to find potential Tor clients connecting to the Tor directory servers." It also monitors the email address used to send out details of non-public relays, which are used in countries where major Tor servers are blocked. Some of these rules are set up to explicitly avoid people believed to be in "Five Eyes" countries, the small group of places where the US has formally agreed to heavily limit spying. But the system apparently goes beyond trying to compromise Tor. One rule seems to "fingerprint" people who even visit the Tor website, as well as people who search for information about Tails or visit places known to have information on it. That apparently includes the Linux Journal, where anything in the "Linux" category of articles is flagged.
Essentially, by tracking the "fingerprints" left by visitors to the Tor website, the NSA can compile a list of users the NSA deems bad based on the false equivalency of wanting privacy means having something to hide. So for all of you thinking about being extra careful on the Internet and possibly using Tor to do so, just know that the NSA might be watching.