Since relay selection is weighted by bandwidth, adding a few hundred high bandwidth relays to the network to run a successful Sybil attack is also hard, especially if you don't want people to notice. When the number of relays jumped from 3500 to 3800 in a day last month, I know people who shut down their hidden services. They noticed. (That was probably a false positive, just a burst of interest in running relays.)

The paper from a few months ago presented an attack on hidden services, which cost $11,000 and took 8 months to achieve a 90% detection rate. It did not present an attack on Tor users, although the implications were that you could run a similar attack on the users of a hidden service if you become the hidden service's HSDir. Instead of rotating in as one of the hidden service's entry guards, you rotate in as a user's entry guard. With a large enough user base (like SR), you are guaranteed to pwn a small random sample of the user base pretty quickly, but then what? All you know is that those people visited the web site. Journalists, curious people and even other LE agencies do that all the time. You'd be expending large amounts of resources on traditional investigations of a lot of dead leads and small time buyers who don't matter. Also, users can mitigate the attack by increasing their entry guard rotation period. A few permanent bridges completely stop the attack.

Exactly. Every busted buyer that we know about was busted because of drugs in the mail. Every busted vendor that we know about was busted because of IRL dealing or drugs in the mail. We should keep our focus on the big threats. We also just witnessed an application layer exploit that probably deanonymized thousands of FH users, so I consider that a big threat now.
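Added example, not part of the original post: a small risk model of the mitigation mentioned above, showing how a client's chance of ever picking a hostile entry guard falls as the guard rotation period grows. The relay counts reuse the 3500 and 300 figures from the post, but the equal per-relay bandwidth, the 3 guards per client, the 30-day and 270-day periods and all function names are constructed assumptions.

```python
import itertools
import math
import random

def adversary_fraction(honest_bw, adversary_bw):
    """Share of total guard bandwidth held by the hostile relays."""
    adv = sum(adversary_bw)
    return adv / (adv + sum(honest_bw))

def exposure_closed_form(f, guards, rotation_days, horizon_days):
    """P(at least one hostile guard is ever picked), independent weighted picks."""
    picks = guards * math.ceil(horizon_days / rotation_days)
    return 1.0 - (1.0 - f) ** picks

def exposure_simulated(honest_bw, adversary_bw, guards, rotation_days,
                       horizon_days, clients=10000, seed=1):
    """Monte Carlo check: every rotation draws `guards` relays by bandwidth."""
    rng = random.Random(seed)
    weights = list(honest_bw) + list(adversary_bw)
    cum = list(itertools.accumulate(weights))
    first_hostile = len(honest_bw)          # hostile relays sit at the end
    population = range(len(weights))
    picks_per_client = guards * math.ceil(horizon_days / rotation_days)
    exposed = 0
    for _ in range(clients):
        picks = rng.choices(population, cum_weights=cum, k=picks_per_client)
        if any(p >= first_hostile for p in picks):
            exposed += 1
    return exposed / clients

# Constructed scenario: 3500 honest relays, 300 hostile ones, equal bandwidth.
HONEST = [1.0] * 3500
HOSTILE = [1.0] * 300
GUARDS = 3            # assumed guards per client
HORIZON_DAYS = 240    # roughly the 8 months quoted for the published attack

def compare(rotation_days):
    """Return (closed-form, simulated) exposure for one rotation period."""
    f = adversary_fraction(HONEST, HOSTILE)
    return (exposure_closed_form(f, GUARDS, rotation_days, HORIZON_DAYS),
            exposure_simulated(HONEST, HOSTILE, GUARDS, rotation_days,
                               HORIZON_DAYS))

if __name__ == "__main__":
    for days in (30, 270):
        exact, sim = compare(days)
        print(f"rotation {days:>3} d: closed form {exact:.3f}, simulated {sim:.3f}")
```

The model treats every guard pick as an independent bandwidth-weighted draw and ignores guard flags, relay churn and bridges, so it shows the trend rather than a measured rate.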