I agree with everything you've said, but just wanted to mention "Entry Guards" as the "solution" that the Tor Project came up with for, "the adversary only has to get lucky once". The idea being that the Tor client picks only a few nodes for network entry and re-uses them. Otherwise, eventually you'd connect to all entry nodes.