FWIW, I think both questions are worth pursuing. Maybe there is a software problem somewhere, but if it turns out that its profitable for a dominant entity to carry out such an attack (and without doing any math, I do think it would be), then this is a problem worth solving regardless if we have suffered the consequences already.