First rule of security: There is no perfect security. You need a multilayered strategy. Tor is a start. Anonymized OSs like Tails are another aspect. Not releasing personal info on the web -- to the extent you can do that -- is another.
Is this problem even solvable on a fundamental level? Of course, they can work on preventing nodes from forwarding hidden header information, but an entity with global network insight will always be able to correlate users by the timing of their transmissions alone. The introduction of malicious nodes is a workable option for lesser players. But hidden in the realtime nature of the Tor network is always the possibility of deanonymizing users if you're a powerful agency that can afford to inspect a sufficiently large part of all network traffic - they don't even have to run any nodes themselves.
"So if the attack was a research project (i.e. not intentionally malicious), it was deployed in an irresponsible way because it puts users at risk indefinitely into the future."
I'm disappointed nobody has "leaked" the research so far. If they cared enough to research it in academia, surely they know it's important enough for Tor developers to know about the type of attacks they were performing, despite what any government officials might say? At least some hints should be leaked, if not the whole research.
It sounds like to be truly safe you need to know safe entry guard node(s) and/or operate your own group of entry relays. Otherwise, you risk X% of your traffic potentially being deanonymized by someone controlling both ends. Of course, if you do that, you probably need to remain constantly connected and moving data through Tor 24/7 to prevent any kind of analysis since you can't hide the fact you: A) Control the relay you connect to. B) Are connected to Tor.
Please will a mod rename the title? The blog post explicitly says (at the bottom) that we don't know if this is the Black Hat talk that got cancelled early.