Merchants like this probably need to build something into their systems to automatically go into a safe mode if a 2-3 block fork is detected.
This might be an equally effective but less centralized approach. What do you think?
Yeah, this is probably the solution.
The Satoshi client already watches for long invalid chains -- a chain it thinks is malformed but yet has had more hashpower thrown at it than any other. The 0.7 clients saw this happen; it's what triggered the "maybe you need to upgrade" message. Unfortunately this never happened from the perspective of 0.8 clients.
From their perspective the whole network suddenly colluded to perform a massive 51% attack by orphaning a huge part of the chain.
Unfortunately it doesn't look like this can be ruled out in the future -- a situation where the miners have to choose between orphaning a huge branch vs permanently splitting the network (I hope they'll continue choosing the former). So watching not only for longer invalid chains but also for unusually-long-but-not-longest branches is probably something that needs to happen.
How does one detect a fork?
Run several versions of Bitcoin
You can do it without having to run multiple clients.
Example: if there is a branch more than six blocks long and the forking point is less than 144 blocks (~24 hours) back, stay in safe mode until this is no longer true. This will protect users on both sides of the fork so long as (a) nobody's trusting transactions with less than six confirmations and (b) the problem is discovered within 24 hours.
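The rule from the last post, written out as an added example that is not part of the thread or of any Bitcoin client's code. It assumes the monitoring node keeps a header tree as a block-to-parent map and knows its chain tips; all function names and block ids here are hypothetical and the sample data is constructed.

```python
MIN_BRANCH_LEN = 6    # alarm on branches "more than six blocks long"
MAX_FORK_DEPTH = 144  # ...whose fork point is "less than 144 blocks" back

def active_heights(parents, active_tip):
    """Map every block on the active chain to its height."""
    chain, blk = [], active_tip
    while blk is not None:
        chain.append(blk)
        blk = parents[blk]
    return {b: h for h, b in enumerate(reversed(chain))}

def competing_branches(parents, active_tip, tips):
    """Yield (tip, branch_length, fork_depth) for each non-active tip."""
    heights = active_heights(parents, active_tip)
    for tip in tips:
        if tip == active_tip:
            continue
        length, blk = 0, tip
        while blk not in heights:      # walk back to the fork point
            blk = parents[blk]
            length += 1
        yield tip, length, heights[active_tip] - heights[blk]

def safe_mode(parents, active_tip, tips):
    """True while any competing branch matches the rule from the post."""
    return any(length > MIN_BRANCH_LEN and depth < MAX_FORK_DEPTH
               for _, length, depth in competing_branches(parents, active_tip, tips))

def extend(parents, base, prefix, n):
    """Constructed sample data: append n blocks named prefix1..prefixN."""
    tip = base
    for i in range(1, n + 1):
        parents[f"{prefix}{i}"] = tip
        tip = f"{prefix}{i}"
    return tip

def demo():
    parents = {"g": None}                       # hypothetical header tree
    main = extend(parents, "g", "m", 200)       # active chain, height 200
    short = extend(parents, "m197", "s", 3)     # ordinary 3-block orphan run
    old = extend(parents, "m20", "o", 10)       # long, but forked 180 back
    fork = extend(parents, "m190", "f", 7)      # 7 blocks, forked 10 back
    return {
        "quiet": safe_mode(parents, main, [main, short, old]),
        "fork_seen_from_main": safe_mode(parents, main, [main, short, fork]),
        "fork_seen_from_branch": safe_mode(parents, fork, [main, fork]),
    }

if __name__ == "__main__":
    print(demo())
```

The last two cases in `demo()` show the check firing whichever side of the fork the node considers active, which is the "both sides" property the post describes.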