Re: Ethereum could afford a 51% attack on Bitcoin, and profit greatly from it
And the difference in the core concepts just lies in the fact that for PoS the voting power is directly proportional to the amount of stake you have in the blockchain, whereas for PoW the power is instead distributed according to the hash rate an individual controls
That's a quite naive understanding of the differences between both consensus methods.PoS is a bit of a circular logic: consensus determines stakeholders, and stakeholders determine consensus. I hope you know about the Nothing-at-stake problem. The root of that problem is that in PoS there is no way to determine objectively in a decentralized setting if a certain entity is "staking coins" and has thus the right to be a validator. For this reason, you have to be sure that the node you connect to when you re-sync the chain has the correct information. This is different in PoW (see below).
Empirically it seems that PoS blockchains have stood the test of the time and "just work". This however doesn't mean that the Nothing at stake problem has been "solved". Instead some mitigation strategies, including BFT principles, were applied which make it more difficult to attack the PoS consensus. But the problem is: These strategies depend on a certain grade of centralization. Weak subjectivity means approximately: If everybody agrees that the nodes by the Ethereum Foundation and some big exchanges are authoritative for the state of the blockchain, then most nodes will follow their nodes and we have a stable "state". So it "looks" like the chain is safe.
And still, as the consensus lacks objectivity, it is not impossible the find a loophole to attack. A complex attack involving hacking of the servers of "authorities" like exchanges and foundations and perhaps even identity theft (imagine Vitalik's node and his social media accounts being hacked and luring users to the attack chain) could reduce the cost of an attack to a fraction of 34% or 50% (depending of the attack's goal) of the staked coins.
In a PoW blockchain, you don't need to trust other nodes. If you are eclipsed for some time by an attacker, then you may think for a moment that you are following a wrong chain, but as long as you are not 100% eclipsed (which is nearly impossible) and can connect to at least one node with the real "longest" chain, then you're fine. In PoS, you need to find an authority.
We could argument for example, with the same validity than your assumptions about "Ethereum attacking Bitcoin", that Bitcoiners could fund an AI to discover loopholes in the PBFT PoS mechanism of Ethereum and attack it in a similar way I described above.
Is this case contemplated in Ethereum's security policy? I personally don't see 'weak subjectivity' as ever truly becoming a problem for the consensus on a blockchain like Ethereum. The point is: Why would the Ethereum stakeholders ever allow an attack to finalize for good when that would undermine their currency?
In the attack I mentioned you wouldn't know who is a legitimate stakeholder and could vote. Thus every time the blockchain is attacked a hard fork would have to occur. That's the same as in PoW.I think you are right, at least in principle, about this problem with PoS. This also mirrors my original concern about PoS, it sounds like, namely that earlier stakeholders can just make a long-range attack by creating a seemingly legitimate chain. And you are right that they could in principle try to flood (and/or hack) the network in order to actually convince other users that their new reorganized chain is actually the honest one that has been used all along.
However, since traders are actively following the ledger, and since a part of the community is following the ledger as well, I think this might be nearly impossible to pull off in practice—similarly to how the Bitcoin community would also easily be able to at least detect the long-range attack, as I'm currently discussing with @HeRetiK.
But you're right that Ethereum has flaws and vulnerabilities (e.g. the whole DAO mess-up). And you're right that any opportunistic Ethereum stakeholders who toys with the idea of a Goldfinger attack would certainly at least consider the potential for Bitcoin retaliating in one way or the other.
If the Bitcoin community chooses to rely on this fact, however, it would technically mean relying on the belief that Ethereum is vulnerable in order to feel safe that Bitcoin is not.