Mike Perry is probably actually talking about website fingerprinting attacks rather than end point timing attacks. Roger also argues that fingerprinting attacks will have too many false positives to be useful. Of course there are others in the academic community who disagree with him.