It's not like they were going around pen tapping every Tor user until they found Hammond. They knew who to pen tap in the first place. If used properly, Tor will prevent you from being identified. Hammond got busted because he ran his mouth and revealed too many personal details. So don't do that, on this forum or anywhere else. Hammond also had a persistent presence on the IRC channel, which made a low tech correlation attack on him easy. That is considerably harder if you're posting on a forum or sending emails, or just browsing around. Lastly, Hammond was involved in multiple hacks on high value targets, including stealing a million dollars through fraudulent credit card charges. LE won't be doing that kind of investigation on people buying a few pills over the internet. What happened to Hammond should not be in your threat model.