First off , NSA is widely recognized as being an elite agency of cryptographers, hackers, and traffic analysts. If you think they are not extremely skilled, I strongly believe you are only fooling yourself. Additionally, Roger Dingledine, the lead developer of Tor, got his start working for the NSA in the first place. Second of all, Tor is not able to provide you anonymity if your entry node and exit node are compromised, there is no guessing involved on the part of the attacker, they are able to use packet timing characteristics to statistically prove that both parts of the traffic flow are related. Third of all, despite being correct in saying that Hidden Services do not use exit nodes, strictly speaking, they are still just as susceptible to end point timing correlation attacks as circuits exiting to the clearnet are. In such a case the attacker would need to own the hidden services entry node and the connecting clients entry node, incidentally this is possible for an attacker with a single node in the case of hidden services, but not in the case of connections to the clearnet where the attacker would need to own or be able to passively monitor at least two nodes. The hidden service does not necessarily need to be owned by the attacker, it merely needs to be identified by the attacker and put under passive surveillance, or under active surveillance in the case that the attacker manages to own one or more of the hidden services entry guards.