Using broken encryption is like putting a red sign on your warehouse "vault lock broken"
1. If they have a back door or if they have one of the encryption keys, then no effort needed and they can do mass decryption of vast quantities of web traffic.
2. Using SSL on web pages does not raise our profile much, so https is better than http. Plus small time crooks don't have the ability to break SSL, at least so far as we know.
3. But for email and instant messages, encryption is rare and hard to set up.
Using encryption in an email would red flag a person or organization.
There is a reason the espionage community, the military, Apple users, diamond exchanges, banks, mints, etc. use security by obscurity. It simply works most of the time, and it does not need to work all of the time.
4. We now know our encryption is not working.
Using broken encryption has no benefit over using no encryption, plus it red flags you.
Using broken encryption is like putting a red sign on your warehouse "vault lock broken" -- it tells everyone you are likely to have something inside that justifies the expense and inconvenience of using a vault, and that the vault is broken.
5. However, while the encryption is definitely broken as far as the US, UK, Canadian, Australian, New Zealand and Israeli governments are concerned, and while it is almost definitely broken as far as the Russian, Chinese, Indian and Saudi Arabian governments are concerned, and while it might be broken as far as half the governments in the world and the biggest crime syndicates are concerned (Russian mob and their customers), it might not be broken as far as small time crooks are concerned.
6. So encryption of email, using TOR, etc. is counterproductive if you are a political, academic, business or technology leader that the spy agencies might target for political or corporate espionage.
It is also counter productive for future leaders.
But for those of us who have no hope of ever being important or useful, encryption of email still has a benefit.
But then those of use who are neither important or useful have nothing to steal, so why go to the bother? Just don't email your credit card numbers ever.