The obvious solution and the remaining problem with it
Refocus the Priority of the NSA back onto National Security
We need a 100% disclosure rate for exploits discovered by the NSA. The NSA should report every single vulnerability it finds to the relevant software vendor within one month of discovering it. The funny thing about exploits is that smart people all over the world are working on finding them every day, and nobody seems to be substantially faster than anybody else. When one person discovers an exploit and reports it to a bug bounty program, 500 hackers sigh with disappointment because they were days or weeks from discovering the same one.
We need an end to mandatory backdoors into communications systems. Backdoors cannot be relied upon to remain hidden and only available to the law-enforcement or government personnel who are the intended users. Quite the contrary, backdoors render a cryptosystem worse-than-useless because they deliberately cultivate a false sense of security while simultaneously providing a predictable avenue of attack for malicious actors. Eventually, this should culminate in the drastic revision of ECPA and CFAA, and the repeal of CALEA.
We need to end mass surveillance because it's not helping us identify threats. As a technology, the hypothesis has failed and it's time to stop wasting money repeating the same mistakes.
We need to focus on combating cyber-espionage and cyber-warfare proactively, by fixing bugs before they can be exploited by malicious actors rather than hoarding exploits, which disproportionately leaves innocent computer users vulnerable. If cybersecurity is to be the purview of the US Government and the NSA, then the NSA must be re-imagined as a security research and bug reporting agency. In this way only can we perfect our computer systems and protect our people from cyber-espionage and cyber-warfare in the long term
Fix the Problems with The Chain of Evidence
We need something quite bizarre to fix this problem. We need to encourage a criminal escalation in cybercrime and cyber-related crime like online drug trafficking. The escalation we need is an SSL-Encrypted, peer-to-peer Log-Hash-Escrow system, which stores non-reversible hashes of security logs for sensitive sites. This is to assure that all hacking performed by law-enforcement agencies is accurately reported when it is entered into evidence in a court of law. This will also help limit frivolous and excessive inaccuracies of lawsuits on the part of copyright lobbying agencies that stifle innovation like the RIAA and MPAA.
This is another difficult decision, like Tor itself was, but it is one of the only credible ways of restoring credibility to American cybercrime investigators.