The 40,000 figure was surprising. I doubt the vast majority of them are web sites. They may be addresses used to access bots running over Tor. The attack on HSDirs is concerning. It seems easier to pull off than an attack on intro points. You don't need to brute force a fingerprint that exactly matches the descriptor ID. You only need to brute a fingerprint that is closer than other relays. Apparently you can do that within a day or two, so someone running 12-18 servers, as the author points out, can reliably position himself as all 6 HSDirs, returning 404 for the descriptor and DOSing the hidden service. You can't solve this problem by increasing the number of HSDirs that your hidden service publishes its descriptor to, since users' clients will ignore the others, nor by running multiple instances of Tor, since they will all publish to the same HSDirs. This is the bottleneck where client and service meet. The only defenses that I can think of off the top of my head are to distribute a custom TBB to SR users that queries up to N HSDirs, where N can be as high as 100 if needed to mitigate an attack, or to run your own relays which obtain the HSDir flag and brute force their fingerprints closer to the descriptor ID than the attacker manages to do. Both defenses have complications, though. Hopefully there are more innovative defenses.