I understand that hidden services aren't perfect, and are vulnerable to several attacks (malicious guard nodes, etc). But once the server is located, how can the operator be tracked down? There are plenty of hosting companies where you can pay in bitcoin and hide your identity, and if you only ssh to the server over Tor then shouldn't you be impossible to track?
Poor OpSec.