"Hack" here having the meaning "not actually a hack", but anyway. Here's a good article from Bruce.
Tor is onion routing... onion routing prevents an observer from knowing the two endpoints of a communication by "routing" messages through multiple encrypted layers, where the onion router at each layer only knows where the message came from and where it's going to next (i.e. not the original sender or final destination).
However, if the actual content you send through the onion routing network identifies the communicating parties, in the clear, then the exit node (the last router in the "route", which must decrypt the last layer of encryption and send the message to its non-onion-routing destination) can read it. Onion routing doesn't protect the content, it provides protection from traffic analysis.
Which is all for naught if you didn't encrypt the traffic in the first place. Let's say you live in Outer Phuongolia where it is illegal to own Seinfeld DVDs. In order to prevent the rampant proliferation of Jerry Seinfeld, Outer Phuongolia has also made it illegal to shop at Amazon.com. You really want the latest season, but how? Onion routing, of course! (that was your first thought, right?)
You use Tor to place your order, and thus the goons at OPHQ can't tell you plan to further corrupt society with another season of Seinfeld. Or so you think... turns out the Phuongolian administration isn't as dumb as it looks, and they're running a bunch of Tor nodes! Lo and behold, the exit node for your purchase happens to be one of theirs, and you didn't use SSL to place your Amazon order. The HTTP traffic from the exit node to Amazon identifies you, your order, everything. The goons are coming.
You gotta encrypt the traffic! If you had used SSL, the OPHQ goons wouldn't have been able to read a thing, and since they couldn't know where the traffic originated, they couldn't have done anything. Your dastardly plan would have succeeded. Seinfeld would have lived on in Outer Phuongolia.