Non hashed passwords in the database only make the database more vulnerable should it be stolen. That's it. It doesn't make RS untrustworthy. Let's just hope his db is unstealable.
There is no such thing and if he claims otherwise, than he's just being arrogant. But keeping passwords in cleartext is a real threat. In hosting companies there is a lot of people who have access to servers. It's much secure to make sure they can't just make a copy of your disk and start stealing accounts from stupid users who are too dumb to use diffrent passwords.
Don't get me wrong, I am using myself mcxnow and have no intention in undermining his credibility - just pointing how it works. I've created multiple applications and this kind of thing is Security 101.