Do you think that "bad hardware / software" exists and that could make the pool vulnerable?
Like I said, all mining pools are vulnerable to block withholding attacks. All pools.
Whether bad software is still out there, I don't know. But as we have seen, it can happen.
Bad hardware is very unlikely. All the ASICs I heard of so far simply look for anything from diff 1 and up. Doing something else would require more logic on the chip.
Okay, I concur all pools are vulnerable to block withholding attacks (currently) .. and established bad software exists, and we can debate hardware concerns pointlessly as a "consumer union" report would have to test different hardware with testcases.
So, given that vulnerabilities exist, do you think it is possible and worth protecting against known vulnerabilities?
Is there a statistical test to say that a miner or group of miners are behaving unusually ... I would think there is.