That's really interesting Ego re: HSDir profiling and Patrick re: setting rule for .onion sites. And you have a phabricator .onion, nice! Thanks - learning a lot from you guys.
The (mis)understanding of normal users is that staying within the .onion network is much safer in general, as this is the boiler plate advice coming from the Tor Project.
1. Certificate Authority compromises (CAs are the main weakness in the whole internet - take them down and nothing is secure)
Quite seriously, when a CA is compromised, it will impact a great deal more than the web; users of email systems (SMTP, IMAP, POP, etc.), Jabber servers, and any other SSL/TLS enabled systems are all at risk. Blocking specific serial numbers or relying on flawed, provably broken methods of revocation will simply not cut it anymore. When the actual protection mechanisms are not enforced, there is little hope of end users being protected.
This should serve as a wake up call to the internet. We need to research, build, and share new methods for ensuring trust, identity, authenticity, and confidentiality on the internet. Proposals such as DANE, CAA, HASTLS, and Monkeysphere are steps in the right direction but they face an uphill battle from entrenched economic interests.
Certification Authorities may continue to provide a piece of the puzzle but it’s high time we ensure that they’re not the alpha and the omega, anymore.
2. PRISM surveillance and their suggestion of .onions as a means of protection
However, the really interesting use case for Tor in the face of dragnet surveillance like this is not that Tor can protect your gmail/facebook accounts from analysis (in fact, Tor could never really protect account usage metadata), but that Tor and hidden services are actually a key building block to build systems where it is no longer possible to go to a single party and obtain the full metadata, communications frequency, or contents.
Tor hidden services are arbitrary communications endpoints that are resistant to both metadata analysis and surveillance.
A simple (to deploy) example of a hidden service based mechanism to significantly hinder exactly this type of surveillance is an XMPP client that also ships with an XMPP server and a Tor hidden service. Such a P2P communication system (where the clients are themselves the servers) is both end-to-end secure, and does not have a single central server where metadata is available. This communication is private, pseudonymous, and does not involve any single central party or intermediary.
My summary (if correct, this is not well known by general Tor/Tor Browser users):
.onions provide protections against fraudulent CAs or malicious certificates issued by state-level adversaries and hinder dragnet surveillance attempting to obtain full meta-data of internet use, for example, communications frequency or contents. However, HSDir profiling tools exist that can harvest IPs connecting to a hidden service, so it is not a foolproof system by any means.
I can add this to the wiki when I clean up that miscellaneous stuff from the hardening thread, if it's not already noted somewhere.
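An added example (written for this thread, not code from the Tor Project or from any poster) of why an .onion address does not depend on any CA: it assumes the v3 onion address layout from Tor's rend-spec-v3, which postdates this discussion, where the hostname itself encodes the service's ed25519 public key plus a checksum, so a client can verify that the name and the key belong together without trusting a third party.

```python
import base64
import hashlib

# Assumption (not from the post): v3 layout from Tor's rend-spec-v3:
#   address = base32(PUBKEY || CHECKSUM || VERSION) + ".onion"
#   CHECKSUM = SHA3-256(".onion checksum" || PUBKEY || VERSION)[:2]
ONION_VERSION = b"\x03"
CHECKSUM_PREFIX = b".onion checksum"


def _checksum(pubkey: bytes) -> bytes:
    """First two bytes of SHA3-256 over the prefix, key and version."""
    return hashlib.sha3_256(CHECKSUM_PREFIX + pubkey + ONION_VERSION).digest()[:2]


def onion_address_from_pubkey(pubkey: bytes) -> str:
    """Encode a 32-byte ed25519 public key as a v3 .onion hostname."""
    if len(pubkey) != 32:
        raise ValueError("ed25519 public key must be 32 bytes")
    raw = pubkey + _checksum(pubkey) + ONION_VERSION  # 35 bytes -> 56 base32 chars
    return base64.b32encode(raw).decode("ascii").lower() + ".onion"


def pubkey_from_onion_address(address: str) -> bytes:
    """Parse and verify a v3 .onion hostname, returning the embedded key.

    Raises ValueError when the name is malformed, carries an unknown version,
    or its checksum does not match the key, i.e. it fails to self-authenticate.
    """
    host = address.strip().lower()
    if host.endswith(".onion"):
        host = host[: -len(".onion")]
    if len(host) != 56:
        raise ValueError("v3 onion addresses are 56 base32 characters")
    try:
        raw = base64.b32decode(host.upper())
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError("not valid base32") from exc
    pubkey, checksum, version = raw[:32], raw[32:34], raw[34:35]
    if version != ONION_VERSION:
        raise ValueError("unsupported onion address version")
    if checksum != _checksum(pubkey):
        raise ValueError("checksum mismatch: address does not match its key")
    return pubkey


def is_valid_onion_address(address: str) -> bool:
    """True only if the name decodes and its checksum matches its key."""
    try:
        pubkey_from_onion_address(address)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    sample_key = b"\x42" * 32  # constructed sample key, not a real service
    addr = onion_address_from_pubkey(sample_key)
    print(addr, is_valid_onion_address(addr))
```

The checksum is only 16 bits, so this check rules out typos and tampering with the name, not a look-alike address whose owner holds a different key; the protection is that the key you connect with is bound to the name you typed, with no CA in the loop.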