No, he's worried about malicious code embedded into alt-coin clients which would have access to the user on the server where they are located.

IMO this is quite a tertiary worry. Of much more importance is that of attackers gaining root access to the machine where the wallets are located, executing a few commands and emptying all the coins.

That has been the most common attack vector in bitcoin related businesses. Better to design something to secure the coins where you assume the attacker already has root access.

Cheers, Paul.