> unless someone at the Tor project massively screws up
And that is what the author of the article is claiming.
My comments here aren't in agreement with the author of the article, and I'm not claiming "HTTPS is bad" or anything like that. It's simply a categorical fact that HTTPS has more vectors to be fingerprinted than HTTP.
That's a pretty small percentage of users for whom HTTPS isn't an across-the-board win for privacy.