Youre right. Sounds like a big problem wont arise. Only thing that might be possible is that some people might download it and use the old blockchain as base to run the new client. They might send their coins to someone and he doesnt get it because the transaction is only on the wrong chain. Or he might send his coins from the old wallet to the new one. Which might mean having sent their real bitcoins to an address that doesnt have a corresponding on the real chain. Though it should be possible to import the keys from the altchain into the old chain and get the coins back as long as the private keys system wasnt changed.
Does that sound right? If im right then this might mean some bad press or people complaining but youre right, it wont be the big problem most probably.
Let's say that someone holds a gun to Hearn's head (or Vladimir for Bitcoin Core for that matter) and makes them do a commit like "reject all blocks larger than 100KB". I think that a situation like this wouldn't last even 1 hr before alarms and the community went apeshit all over reddit, twitter and this forum, but let's say that it lasts for even 24 hours before someone figures it out. At that point, perhaps 1000 users download the client.
Any new users needing to download a new chain would basically get a broken client since they probably wouldn't be able to download any blocks past sometime in 2010 once larger blocks started happening.
Users who upgrade would get a huge warning on QT wallet (or in the logs for bitcoind) telling them they are diverged more than 3 blocks from the main chain. I don't think that they'd even be able to do a successful spend, since the client wouldn't be able to find other clients with a current block.
Again, it's not a zero concern problem it's just not a credible threat short of creating nasty code that does stuff like "send via FTP wallet.dat and keylog passwords to ftp.pwned.ru" - that's a risk that we all have to deal with and only run releases that have been vetted, signed and not released < 24 hours ago.
I think you described a situation that would hinder itself. Though there might be situation where the blockchain is changed so that the downloaded wallet is working, you only cant get back anymore. Malfunctions would be something that could be avoided if the alert would be misused for a "bad plan". You want that this plan works. In order to do that you would chose a change that would make the new client work fine... but you cant switch back. In fact you always can but it might be that you always were harmed. Lets say the new client creates transactions that only verify on the new client but not on the old one. Receiving and sending coins would be no problem but when you realize you have to switch back already some bad situation might have happened. Coins you didnt receive in reality or so.
Yes, most probably the community would react fast. But i mean the weakest are the one in danger. We have enough newbies that make failure and we might have many downloads of a client when the alert is good enough. You dont check forums when it says you need to do instantly... else harm... maybe.
I agree, of course, that its a theoretical problem. Only... bitcoin and bad news is such a thing... We want it to be a trustworthy currency. Tales of vanishing coins surely will have a huge negative impact. I think its good at least to think about these things.