Hi everyone,
Operation Onymous, the anecdotes about it (I don't think the DoS was a DoS), the wording of the related legal documents, and the previous CMU research... make me think that traffic confirmation attacks are now widely used in practice. Other, cat-and-mouse implemetation vulnerabilities may be diversions or parallel construction.
This kind of attack would mean it's game over for HS that use HTTP or other low-latency protocols.
Has there been research on integrating high-latency message delivery protocols with the hidden service model of location hiding? The SecureDrop or Pynchon Gate protocols sound like good starting points. I would love to participate, and encourage everyone to start in this direction (in your copious free time ;).
Mansour