a. This is an extraordinary prospect; thanks for bringing it up. I do have a question though... Could the ISP of yours (provided they're aware) pinpoint your XMR transaction in some way? (ie: by sniffing header i2pd packages?)
Big data analysis is a big business. Currently, most of it revolves around creating scoring programs to capture targeted data, even if that data is encrypted in your TLS/SSL protocol using RSA, ECDH_ECDSA, ECDHE_ECDSA, ECDH_RSA, ECDHE_RSA, it's still collected and stored based on a multitude of scoring systems, for possible 'pinpointing' later. This means that one of the major movements we're seeing is a literal countdown, equivalent to the ball dropping on new years, of valid quantum computers being developed. After that, someone would have to develop a quantum algorithm for specifically breaking each one of those in the protocol, which also involves working this out mathematically before a valid implementation can even be attempted on the computer. That's just internet traffic, which likely has multitudes of levels of more juicy information in it than a Monero transaction right now.
I believe the way i2p would work with Monero, is that they would still possibly be able to pinpoint 'an' i2p package (not being able to identify what's in it, however), possibly from your ip address (which you can also obscure through a VPN). Anyways, that package would have a very tough time being tracked back to your ip address (someone else will be better able to explain i2p to you than me), but you should be able to use other things like mac address spoofing to give yourself even more unlinkability.
Long story short .. it would be a lot of work, and Bitcoin and likely every other Altcoin, along with just about every internet protocol in use, as well as most encryption standards in use today, would all likely be broken long before someone picks your individual transaction from your individual address (let alone even scored high enough to capture the data - blockchains are a little different though) from the blockchain, and links it to another of your individual transactions, and same address, as the encryption used to prevent double spending on these blockchains is not yet secure against quantum algorithms.
If that's not a lot of security in 2014, I really don't know what else to try for here
As for a quick answer to your question: Yes, but the timeframe in which they are capable of identifying exactly everything, is likely outside of a decade. Possibly even lifetime, but who knows! Even then, it still has to be economically feasible, so they likely aren't looking for Johnny buying weed. There's still a long way to go, provided everyone takes the right steps.
b. This is the way I bought the majority of the stash of mine. I mine a little right now with a small office farm. Are you referring to the possibility of renting a botnet just for the mining purposes? Hmm... Depends who's door you're going to knock. 
I'd advocate for an investment of your own mining equipment, before ever contacting a botnet operator and buying from them directly, but it's your choice. Fortunately, they would also likely be privacy-minded as well, so at least there's that in common.
This May I heard btc was going to be 5k in July.
