Tor is an interesting and well-designed system, but like any computer system, it has vulnerabilities, and a couple of years ago, Tor was attacked in a particularly successful way by some researchers at Carnegie Mellon University.
It uses a large network of computers or relays to anonymize traffic, and this is work by connecting to a Tor node rather than to the destination. And then it sets up what’s called a circuit so a series of nodes within the Tor network that involved in relaying that traffic before it reaches its final destination and because of how the Tor protocol works.
It has lots of different circuits active at the same time. So if someone is monitoring one of these nodes or even many of them, they can’t figure out where packets are going or where they are coming from, unless they can control a large part of the Tor network and this is what these attackers were able to do.
If attackers have control over enough nodes within the Tor network then for a particular circuit there’s some probability that they can see both the start of the circuit and the end of the circuit. So if attackers were able to control the entry point node of the circuit and the exit node, it doesn’t matter that they don’t control any of the other nodes (in-between), they will be able to detect the source of the request.
They use this control over the circuit to inject a little bit of information, so they modified the headers of the packets in the entry nodes and if they found that injected packets on the exit nodes, they will be able to connect the packets with someone.
Peer-To-Peer systems are vulnerable to these types of attacks which are called traffic confirmation attack. So Tor is not perfect like any computer system has vulnerabilities and they can be exposed.
