Of course, the authors of this paper are being kind of hyperbolic, because the entry guard system itself protects from this attack being fully carried out to deanonymize all clients. However, there are attacks for deanonymizing hidden services with little resources, especially if the attacker is a LE level attacker and can use court orders against targeted guard nodes (or if they don't even need to use court orders, because of figuratively prehistoric communication privacy laws, which were mostly crafted ages ago to protect our physical mail and most recently telephone communications, and which are almost completely obsoleted when faced with modern intercept techniques). Tor started out with the goal of being a system that distributes trust in such a way that any one of the nodes you use can be compromised, and it doesn't compromise your anonymity. Using a single proxy is a single point of failure, Tor attempted to remove the single point of failure via its encryption techniques and using three nodes. Tor was celebrated for accomplishing this, but really it only superficially accomplished it. In reality, the entry node is far, far, far more important than any of the other nodes. For clients, having a bad entry guard is almost as bad as using a bad single hop proxy, in some scenarios it is essentially the same exact thing. In the case of hidden services, having a bad entry guard is in pretty much all scenarios just as bad as using a malicious single hop reverse proxy. The middle node and exit node are far less important, and for hidden services they are essentially worthless nodes. Tor is low latency anonymity. They are at the head of the curve for low latency anonymity. But being the smartest retard is hardly an accomplishment.