If an attacker owns your entry guard and an exit node that you use, he can determine that you accessed a specific clearnet site. If you don't use HTTPS, he can see what you are doing. If an attacker owns your entry guard and an HSDir, or an intro point, or a hidden service entry guard, he can determine which hidden service you are accessing. If he owns your entry guard, theoretically he could use fingerprint analysis to determine which hidden service you are accessing. You'll notice the common threat in all of these attacks is that the attacker owns your entry guard. Since you keep the same entry guards for about a month, it would take a long time and a lot of resources to perform these attacks, unless you are incredibly unlucky, which is why I say the chances of getting pwned are miniscule and not something I would worry about unless I was an extremely high value target. These attacks are better at pwning a few random (unlucky) people among a really big group, rather than targeting specific people. Changing your mac address doesn't make a difference at home. If you go through a router, that's all that your ISP sees anyway. Also, yes, using bridges increases your safety. In fact, as long as they are stable and running, they can be permanent entry guards, so unless you are extremely unlucky in picking a malicious bridge, you would probably never get pwned by these attacks.