Thank you for posting this. However, what you write about risks on the 0.7 branch is not correct.
However, in time, as hashing power fled the v0.7 fork, remaining nodes would become more and more vulnerable to a variety of attacks. Not just from a potential 51% attack, but also from accepting generated coins which were valid on the v0.8 blocks and even non-hashpower-related double spends.
Actually this isn't true. The Satoshi client checks for long invalid chains (this line of code); if it finds one it goes into safe mode and stops processing transactions or responding to RPC calls. The message three lines below that line of code is what Pieter Wuille is talking about in the original announcement:
If you're on 0.7 or older, the client will likely tell you that you need to upgrade.
The now-infamous OKPAY-BTCe double-spend was the reverse problem: it was an attack on a 0.8 client (or a 0.7 client that for some weird reason accepted the large block -- there are unconfirmed reports that the bug is platform-dependent). Unfortunately that problem is a lot harder to solve. The Satoshi client needs to start watching for long-and-recent-but-not-longest orphan branches.
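
One way to express the check proposed in the last sentence, as an added example that is not part of the original post and is not code from the Satoshi client. `Block`, `competing_branches` and both thresholds are hypothetical; branch length is counted in blocks rather than chain work, and the sample chain is constructed.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Block:                      # hypothetical, simplified block-index entry
    hash: str
    parent: Optional[str]
    height: int
    time: int                     # block timestamp, seconds

def competing_branches(blocks, now, min_len=6, max_age=6 * 3600):
    """Return sorted (tip, fork_height, length) for side branches that are
    long and recent but not the longest chain. Thresholds are assumptions."""
    parents = {b.parent for b in blocks.values()}
    tips = [b for b in blocks.values() if b.hash not in parents]
    best = max(tips, key=lambda b: (b.height, -b.time))
    main, cur = set(), best       # hashes on the longest chain
    while cur is not None:
        main.add(cur.hash)
        cur = blocks.get(cur.parent)
    alerts = []
    for tip in tips:
        if tip.hash == best.hash:
            continue
        cur = tip                 # walk back to the fork point on the main chain
        while cur.hash not in main:
            cur = blocks[cur.parent]
        length = tip.height - cur.height
        if length >= min_len and now - tip.time <= max_age:
            alerts.append((tip.hash, cur.height, length))
    return sorted(alerts)

def sample_blocks():
    """Constructed data: 110-block main chain, an 8-block side branch forking
    at height 100, and one old stale block at height 51."""
    blocks = {"m0": Block("m0", None, 0, 0)}
    for i in range(1, 111):
        blocks[f"m{i}"] = Block(f"m{i}", f"m{i-1}", i, i * 600)
    prev = "m100"
    for i in range(101, 109):
        blocks[f"s{i}"] = Block(f"s{i}", prev, i, i * 600 + 30)
        prev = f"s{i}"
    blocks["o51"] = Block("o51", "m50", 51, 51 * 600 + 10)
    return blocks

if __name__ == "__main__":
    for tip, fork, length in competing_branches(sample_blocks(), now=110 * 600):
        print(f"ALERT: branch of {length} blocks from height {fork}, tip {tip}")
```

A node or merchant monitor that raises this alert can hold off crediting payments until the competing branch is resolved, which is the case the safe-mode check for invalid chains does not cover.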