Tor Exit DNS Harms Privacy

I read the parts of the paper I could understand (meaning: not so much). Here’s what I took away as an end-user:

For a Tor user to be de-anonymized with a traffic correlation attack, we usually assume that an adversary has to have visibility on both endpoints (or related ISPs). According to the paper, it is sufficient for the adversary to have visibility on entry and visibility on some of the DNS traffic. Exit TCP traffic is not necessary.

In specific, real-world terms, this means that a US-based Tor user has a frighteningly high chance of being de-anonymized by an American intelligence agency that has cooperation from a large national ISP as well as a large public DNS provider, like Google. Where it might have been difficult for said intelligence agency to obtain cooperation from foreign ISPs or to capture a significant percentage of exit nodes to observe TCP traffic, the paper (if correct) would render that effort unnecessary. With just Google & OpenDNS cooperation, the agency would have visibility on 50% of the DNS requests coming from the Tor network. And the entry visibility could easily be provided by ISPs that have cooperated with the NSA in the past (i.e., PRISM).

What about Tor clients?

Is it possible to route DNSPort traffic to a personal hidden service hosting a DNS server? Of course, it’s possible for this server to come under surveillance. The idea is to avoid lookups via Google, OpenDNS, OVH, as mentioned in the paper - the big targets. If an adversary has the means to observe every packet everywhere, they could just as easily mount a TCP correlation attack.