BU has known attack vectors, it's part of the BU "design".

The BU concept is presented as that everyone is perfectly rational and has perfect goodwill towards BU, and so picks a sensible figure that everyone can handle. The reality is the soft 16MB limit can be quickly and easily reached if someone malicious floods the network with 16MB signalling.

Also, BU wasn't (in the past) programmed to follow the longest PoW chain. That would cause the BU blockchain to fork spontaneously into different blockchains as long as there's sufficient disagreement between the nodes about what the blocksize should be (a minor incident like this happened recently with a BU mining node, implying these kind of risks are still programmed into the software not as a bug, but as a feature).



Segwit has an attack that can be easily stopped: sighashing attack can be performed on the 1MB base block (and not on the 3MB of witness block).


But that attack can be done today without Segwit, but it's not being used, because it's not very effective at this scale. And miners can easily detect transactions crafted to attack in this way and simply not confirm them in their blocks. A malicious miner could still include them, but that will still be as ineffective as the attack is today, as it's identical (only the 1MB base can be attacked).