Searching the web for "tor timing attacks" (without quotes) returns too many hits. Short summary and PoC is at [1]. At [2] Tor (and/or DoD) confess:
The Tor design doesn't try to protect against an attacker who can see or measure both traffic going into the Tor network and also traffic coming out of the Tor network.
NSA and the like definitely can "see" traffic almost everywhere, so Tor doesn't protect against the NSA, right? (some people learnt this the hard way). IMHO the first fucking thing Tor must do is to make the user click at least three times on the above disclaimer. Trying to make the rant on topic: Is it theoretically possible at all to make low latency anonymity of sufficiently decent quality? [1] http://seclists.org/fulldisclosure/2014/Mar/414 PoC: End-to-end correlation for Tor connections using an active timing attack [2] https://blog.torproject.org/blog/one-cell-enough