Not really. A timing attack can be used for confirmation, where they already suspect two parties of communicating, but it can also be used for identification, where they want to know who is communicating with a given party (or even want to know who is communicating with who). In this case they used it for confirmation. They could have had rouge entry nodes on the Tor network though, in which case they would be able to deanonymize everyone who used one to go to their IRC server. Timing attacks can be used to confirm a suspect or to locate a target. They only need to measure the timing characteristics of a single packet leaving you and a single packet arriving at the destination to determine that the two packets are identical. They almost certainly have *some* entry guards. They can try to force you onto them with DDOS but it will take a hell of a lot of bandwidth since they need to simultaneously DDOS every node that you select as an entry other than theirs, until you select theirs. If they DDOS the first four guards you select and then your first guard comes back online, you switch back to it. Could take a lot of DDOSing. This is called a congestion attack Yeah WiFi can be helpful. I doubt Tor people ever find a solution to timing attacks against low latency traffic without using constant rate cover traffic, which is not feasible for Tor to do.