[pyre]

> The headline implies that the "compromise" is an inherent failure in the protocol

Personally, I didn't read it that way at all. My first assumption was a hack, because it's more likely that a website was hacked than that the Tor protocol was so severely compromised.

> or else how could "half" of all sites be infected?

To me it sounded like a possible major law enforcement operation against 'rogue' sites. If someone was able to compromise Tor so completely, the idea that they would turn around and just hack half of the hidden sites doesn't make sense. Such an exploit would be worth major cash on the exploit market (mostly due to governments bidding against each other to get it).