A nation state doing traffic analysis will have people working full time to subvert the initial weak link of getting the software (which nobody else uses so simply possessing it will be seen as a sign of criminal intent) and keying information, doing statistical analysis to find why people have unusual access patterns to that innocent content and correlating people not known to be connected who are showing those same atypical patterns around the same time, etc. It doesn't matter if your source data is entirely fluffy kitten videos if there's a set of users inexplicably accessing the same set of videos in temporal or geographic proximity without a known link.

The other problem is trust: you said you'd have no idea where the key came from. Ignoring the high possibility of the state recording enough history to answer that question, the bigger risk is active subversion: using that software is evidence that you're trying to evade surveillance, which is risky no matter how warranted, and making those requests is clear proof that you're doing so. The hardest problem here would be detecting moles and honeypots: secret police distribute software versions which leaks your activity to them, distribute keys online and in person, etc. They're not going to arrest you as soon as you install it but will wait, possibly for years, seeing who else your activity links in.

Obtaining the software is hard, that is certain - but human beings have been successfully smuggling contraband for as long as there has been such a thing. And when you download the dozen specific fluffy cat videos, you don't just download that set - that would be fundamentally stupid - the set exists to mask the source, not to protect the receiver. The receiver would download a naively popular superset of the target set - you mask suspicion by hiding with the sheep.

Absolute trust is fundamentally impossible (the place where there is no darkness is a legitimate concern here). How do you even know that the public keys on your machines are true, that the hashes of your OS ISOs are not false, that every semblance of the assumption of security that you are working within is not simply a cleverly laid trap designed to lead you to naively reveal your hitherto hidden intentions?

Eventually, you just have to run with "fuck it, I'll do what I can to cover my arse - let the chips fall where they may".

The fact that it is fundamentally impossible to know the underlying intention of any foreign consciousness or computational context does not necessarily mean that none can ever be trusted, only that they can never be fully trusted - and that you should use whatever degree of caution you believe is justified for the given situation.

I think it's very risky to conflate different classes of threat. Yes, the state could suborn a CA but simply using SSL does not make you stand out. Using software which is designed to evade surveillance is by itself a bad thing to be caught possessing and unless it's perfect it will leave traces which will draw attention.

The problem I'm concerned with is the promise: tell people that something like this works and they are likely to trust it – at least until news spreads about other people getting caught by basic statistical traffic analysis. This is basically the Bitcoin anonymity trap: the marketing guys like to run around telling people it's anonymous and people often miss the distinction that any mistake will cause it to fail open with a full public history.