[upofadown]

The most practical of the four attacks appears to be the message reordering in that it is something that actually could be done and might potentially mean something. The attacker would be unlikely to know the content of the encrypted messages in an instant messaging system to do some sort of meaningful attack. In the case where the messages were not waiting on a server for an offline client the attacker would have the difficulty of having to buffer the messages themselves in a way which would not break communications entirely. IM is fairly interactive end to end most of the time so message reordering is not much of a threat.