It's unfair to think of CMU as an 'evil' entity just because of what some people in one particular and small department did.
There's a lot of really good work that comes out of CMU, including the department that helped the FBI.
EDIT: furthermore, SEI was doing independent research into the security of TOR. The FBI subpoena'd CMU to give up the results/contents of the research which is what ultimately helped the FBI do what they wanted.
If the department believed their research was important to the security of Tor, why did they not share it with Tor? Why did CMU do research in the wild on a live system and not get criminal complaint filed against them? What has CMU done to insure this does not happen again?
The department had every intention of sharing the information at, I believe, Blackhat. A lot of research (especially security related research) is funded and approved by the government. Before they were able to give the talk at Blackhat, the government stopped them from doing so. Since the provided funding was from the government, they had to comply to avoid legal issues.
This is a matter of legal debate about the intentions and methods of the government, IMO. To reiterate I don't think it's fair to blame students/faculty/researchers for not breaking the law and agreements that allowed them to conduct the research in the first place.
As for what CMU has done to insure that this does not happen again... I don't know.
There's a lot of really good work that comes out of CMU, including the department that helped the FBI.
EDIT: furthermore, SEI was doing independent research into the security of TOR. The FBI subpoena'd CMU to give up the results/contents of the research which is what ultimately helped the FBI do what they wanted.