The fact that feds have seized Silk Road 2.0 and a bunch of other shady websites hiding behind Tor's technology proves that the browser doesn't provide the perfect cloak of anonymity. Now, a series of studies conducted between 2008 and 2014 gives us a clearer idea of just how vulnerable the browser is. The researchers involved claim to have de-anonymized the IP addresses of all Tor users in a lab setting -- and over 81 percent of actual users in the wild. According to one of the papers published by Sambuddho Chakravarty, former researcher at Columbia University's Network Security Lab, he and his colleagues managed to get through Tor's defenses by exploiting the default traffic analysis software built into routers. In Cisco routers, for instance, it's a program called Netflow.
Here's how his team did it, in simple terms: they repeatedly injected typical HTML files a Tor user would access into a router's connection. Since Netflow was designed to break down and analyze traffic according to what you use the internet for (say, 25 percent email and 50 percent web browsing), they could check who accessed those HTML files and get their IP addresses. He's convinced that a large organization (like, well, the government) could easily uncover the identities of Tor users if it wanted to. In fact, he says one doesn't even need the resources of a powerful organization to do so: a single autonomous system programmed to de-anonymize Tor clients can monitor up to 39 percent of the browser's traffic.
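The correlation step described above, as an added illustration with constructed flow records (not code from the paper, from Cisco or from the Tor project): Netflow-style records carry only per-flow byte counts and timestamps, no payload, yet a client whose traffic volume over time tracks the pattern induced at the server side stands out, while a client sending constant-rate cover traffic does not. The record layout, the IP addresses and the volume pattern are all constructed for this example.

```python
"""Why flow records enable traffic correlation, and why constant-rate
cover traffic blunts it. Added illustration with constructed data."""
from collections import defaultdict
from math import sqrt

# Constructed records in the shape a flow collector would export them:
# (client_ip, start_second, bytes). Metadata only, no content.
FLOWS = [
    ("10.0.0.5", 0, 900), ("10.0.0.5", 1, 100), ("10.0.0.5", 2, 950),
    ("10.0.0.5", 3, 120), ("10.0.0.5", 4, 880), ("10.0.0.5", 5, 90),
    ("10.0.0.9", 0, 500), ("10.0.0.9", 1, 500), ("10.0.0.9", 2, 500),
    ("10.0.0.9", 3, 500), ("10.0.0.9", 4, 500), ("10.0.0.9", 5, 500),
    ("10.0.0.7", 0, 30), ("10.0.0.7", 1, 700), ("10.0.0.7", 2, 40),
    ("10.0.0.7", 3, 650), ("10.0.0.7", 4, 20), ("10.0.0.7", 5, 720),
]

# Constructed server-side volume pattern: high, low, high, low, ...
INJECTED_PATTERN = [1000, 100, 1000, 100, 1000, 100]

def bin_by_client(flows, n_bins):
    """Sum bytes into one-second bins for each client IP."""
    series = defaultdict(lambda: [0] * n_bins)
    for ip, sec, nbytes in flows:
        if 0 <= sec < n_bins:
            series[ip][sec] += nbytes
    return dict(series)

def pearson(xs, ys):
    """Pearson correlation; 0.0 when either series has no variance
    (a constant-rate client never correlates with anything)."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    if vx == 0 or vy == 0:
        return 0.0
    return cov / sqrt(vx * vy)

def rank_clients(flows, pattern):
    """Score each client's volume series against the induced pattern,
    best match first. 10.0.0.5 tracks it, 10.0.0.9 (padded) scores 0."""
    series = bin_by_client(flows, len(pattern))
    return sorted(((pearson(s, pattern), ip) for ip, s in series.items()),
                  reverse=True)

if __name__ == "__main__":
    for score, ip in rank_clients(FLOWS, INJECTED_PATTERN):
        print(f"{ip}: r = {score:+.2f}")
```

The client that pads to a constant rate scores zero regardless of what it fetched, which is the sense in which layering defenses (here, cover traffic) matters beyond simply running Tor.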
End users don't know how to properly configure it -- they think it's a silver bullet. They think once they use this tool, they don't have to take other precautions. It's another reminder to users that nothing is 100 percent secure. If you're trying to stay protected online, you have to layer your defenses.
If you don't mind sifting through scientific lingo and want to know the details about Chakravarty's methods, you can check out a paper (PDF) he published with colleagues while he was still at Columbia.