Question:
What if someone broke into the TOR servers?
Mr. X
2013-10-22 14:34:23 UTC
If I've understood correctly, TOR works by relaying traffic first to the server, then a random relay assigned by the server, and this is repeated some times, then it goes to the server and from there to the actual hidden server.
Now, what I make of this is that somewhere there is a server computer owned by "the TOR guys" which has a list of every single ACTUAL IP address of every single hidden site.

Now, why is this not a gigantic vulnerability? I mean, couldn't the government just get a warrant for whatever reason, seize the server and bust all the illegal .onion-sites?

For anyone who can shed a little light on this problem, I say thank you! :)
PS. I have here, in my back pocket, ten points and the official "Best answer"-award for the writer of the best answer ;)
Four answers:
Bill Waite
2013-10-22 16:02:52 UTC
The basic key to how TOR functions is that the traffic is encrypted so that no individual node (neither the server nor the volunteers) can know where your traffic is going or what you are doing.



For example, if you go to Amazon.com through TOR, the entry node knows that you sent some sort of encrypted traffic through TOR, but it doesn't know what site you accessed or much of anything about your traffic; the exit node knows that someone out there sent some traffic to Amazon.com, but doesn't know who did the sending; and Amazon.com only knows what you choose to tell it.



The way hidden services on .onion operate is that they ask a handful of relays to act as "introduction points" for their hidden service, then the introduction services act as relays to send traffic between a person trying to access the service and the computer hosting the service (whose IP can't be identified by any individual TOR node or any individual "man in the middle" because all its traffic was encrypted properly).



The central database of hidden service locations only shows the "actual" locations of the introduction points, and since the traffic from the user to the introduction point and the traffic from the introduction point to the service are both sent through multiple relays and multiply encrypted, knowing the actual location of an introduction point is no more valuable than knowing the actual location of Amazon.com.



So the location of an introduction point doesn't allow the police to "bust" anyone, because running a relay (which is all the "introduction point" is) is perfectly legal and the EFF fights hard in court to keep it that way. If the government managed to get a court order to shut down the introduction points currently in use by a .onion site (which they would have a hard time doing since the EFF and others would fight against a court order like this), the person operating that site could immediately set up a few new introduction points, and they wouldn't really be able to permanently shut down a hidden service without shutting down the entire TOR network (which again, they would have a hard time finding a legal way to order something like this).
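The layering described in the answer above, as an added example that is not part of the original post: each relay peels one encryption layer and learns only the hop before it and the hop after it. The relay names, keys and the toy cipher are constructed for illustration; the cipher is a stand-in and is not what Tor uses.

```python
import hashlib
import json

def toy_cipher(key: bytes, data: bytes) -> bytes:
    """XOR with a SHA-256 counter keystream. Toy stand-in, NOT secure, not Tor's cipher."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def wrap(path, keys, destination, payload):
    """Client: encrypt for the exit first, then add one layer per earlier relay."""
    layer = json.dumps({"next": destination, "data": payload}).encode()
    for i in reversed(range(len(path))):
        layer = toy_cipher(keys[path[i]], layer)
        if i > 0:  # tell the previous relay where to forward this blob
            layer = json.dumps({"next": path[i], "data": layer.hex()}).encode()
    return layer

def route(sender, path, keys, cell):
    """Each relay peels one layer; record the only two addresses it learns."""
    seen, prev = {}, sender
    for relay in path:
        layer = json.loads(toy_cipher(keys[relay], cell))
        seen[relay] = (prev, layer["next"])
        prev = relay
        if relay != path[-1]:
            cell = bytes.fromhex(layer["data"])
    return seen, layer["data"]

# Constructed sample circuit and keys (hypothetical names, not real relays).
PATH = ["entry", "middle", "exit"]
KEYS = {name: hashlib.sha256(name.encode()).digest() for name in PATH}

if __name__ == "__main__":
    cell = wrap(PATH, KEYS, "Amazon.com", "GET /")
    seen, delivered = route("client", PATH, KEYS, cell)
    for relay, (src, dst) in seen.items():
        print(f"{relay:6} sees traffic from {src!r} going to {dst!r}")
    print("delivered to destination:", delivered)
```

Only the entry relay's record contains the client, and only the exit relay's record contains the destination.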
?
2013-10-22 21:45:04 UTC
Alright, what you said right there is the innate problem. The servers are owned by "Volunteers" that relay the information in a global network... meaning that's the first (and major) hole in the system. Second, this service called "Service Objects" uses a new IP Validation solution that can reveal detailed information, such as location, and network information of the user connected to the TOR network.



Further Reading:

- Practical Vulnerabilities of the Tor Anonymity Network (http://www.syverson.org/tor-vulnerabilities-iccs.pdf)

- Service Objects official website (http://www.serviceobjects.com/)



Hope this helps.
rhodes51166db
2013-10-23 02:25:13 UTC
If you think there is anything secure or anonymous about TOR you're living in a fantasy world. Any law enforcement agency can get any info they want on anyone using it, it's not difficult. All TOR does is route packets around a few times to make it more difficult to track them. At best that just makes it more annoying to do so.



Keep in mind that the data being sent consists of packets (well, technically frames that contain packets) and each one requires a source and destination IP to be encoded in the packet header. All anyone has to do is intercept a single packet, strip off the header and find the source and destination IP. Then they will know where the data originated and the end IP of whoever it was being sent to.
?
2013-10-22 23:20:34 UTC
You don't think the NSA can't access TOR... France and South America are already pissed off for spying on them. Wise up.


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.