I wonder if blockchain.info's implementation is too predictable. You send coins to an address, blockchain.info subtracts 0.5%, and 5-30 minutes later, two deposits are made to another address. Technically there is no taint between them, but if an attacker was trying to find the source of funding and worked his way back to an address that had two deposits made to it, usually something like 3.213261 and 6.73674, which adds up to a rounder number, in this case 9.95, then he could look for transactions preceding this within a certain time frame in the block chain, and if he sees a number that's exactly 0.5% more, in this case 10.0 BTC, well there it is. Bitcoin Fog's implementation seems safer, because the fee is randomized, and you can specify a variable number of addresses to withdraw to and the amount of time to do it in. You can wait 7 days and withdraw to 5 addresses over 24 hours, for example. It's much harder to track that down, as long as you don't consolidate the coins again.