Just as an addition to what has been said. The Tor network is an onion network that encrypts traffic between relays. It is a distributed system with dynamic routing. In addition, the traffic is encrypted between each hop within the network. That is, the circuits of a connection will pass through different onion routers each time, and those routers cannot read the data passing through them, which makes it very difficult to locate the origin of the packets.
The attack Tzhed refers to is based on deducing statistical patterns of end-to-end confirmation within the same virtual tunnel: "statistical "traffic confirmation" attacks, where the adversary watches traffic at both ends of a circuit and confirms his guess that they're communicating".
The problem for users lies in the connection between the last onion router and the destination, since the traffic is leaving the onion network there and any data that is not encrypted can indeed be read. That is why it is recommended to use the Tor client plus some encryption protocol:
Can exit nodes eavesdrop on communications? Isn't that bad?
Yes, the guy running the exit node can read the bytes that come in and out there. Tor anonymizes the origin of your traffic, and it makes sure to encrypt everything inside the Tor network, but it does not magically encrypt all traffic throughout the Internet.
This is why you should always use end-to-end encryption such as SSL for sensitive Internet connections. (The corollary to this answer is that if you are worried about somebody intercepting your traffic and you're *not* using end-to-end encryption at the application layer, then something has already gone wrong and you shouldn't be thinking that Tor is the problem.)
Tor does provide a partial solution in a very specific situation, though. When you make a connection to a destination that also runs a Tor relay, Tor will automatically extend your circuit so you exit from that circuit. So for example if Indymedia ran a Tor relay on the same IP address as their website, people using Tor to get to the Indymedia website would automatically exit from their Tor relay, thus getting *better* encryption and authentication properties than just browsing there the normal way.
We'd like to make it still work even if the service is nearby the Tor relay but not on the same IP address. But there are a variety of technical problems we need to overcome first (the main one being "how does the Tor client learn which relays are associated with which websites in a decentralized yet non-gamable way?").
Regards.