(well, as long as you don't choose an RIAA or ISP honeypot disguised as a node).
ISP honeypot? Do you mean a police sting operation?
That too but I was referring to ISPs who run their own torrent clients to copyrighted data and scrape IP addresses of their peers, search for the IPs that belong to them and serve those customers cease and desist letters which threaten to terminate their internet access if they don't stop torrenting.
Back on-topic...
You forget about valid alternative chain (usually with far lower mining difficulty), such attack is still possible if ever single node you chose are malicious node and the client doesn't implement hard-coded checkpoint.
What would the hard-coded checkpoint change if every node I connected is malicious?
I think he means when the node is programmed to accept a particular chain up to a certain block, then it's not going to consult any of its peers for blocks up to that point, only beyond that particular block. I don't know if that's what's done in Core (besides the Genesis block of course).