And yes, that's the risk-- that your counterparty's degree of freedom in choosing part of the contract will let them find an alternative contract with only collision-like work, rather than with second-preimage-like work.
You can mitigate by having multiple rounds of communication with commitments, but few to no one will implement this in practice: Each communication round is a huge software engineering and UI cost, and most people don't understand this collision vulnerability (or _any_ collision vulnerability) even after having it explained.
- snip -
So, the solution to this (for me) is to insist that I'm the one that generates the contract address. This removes the counterparty's ability to engage in this attack.
If the counterparty is aware of the risk and doesn't have reason to trust me, then their only recourse is to offer the "multiple rounds of communication with commitments".
Since in practice "no one will implement this" AND "most people don't understand this collision vulnerability", the odds are that I can almost always get away with being the one to generate the contract address every time (unless I'm engaged in a transaction with gmaxwell, since he understands enough to know better). Someone may eventually fall victim to this, but I now understand enough to keep myself safe (from this particular attack).
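
The "multiple rounds of communication with commitments" mitigation discussed above, as an added sketch that is not part of either post: each party commits to its part of the contract before seeing the other's, so neither can vary its part afterwards to search for a colliding contract. SHA-256, the length-prefixed contract encoding and all function names here are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def commit(contribution: bytes):
    """Round 1: return (commitment, nonce). Only the commitment is sent."""
    nonce = secrets.token_bytes(32)  # fixed length, so nonce || data is unambiguous
    return hashlib.sha256(nonce + contribution).digest(), nonce

def verify_opening(commitment: bytes, nonce: bytes, contribution: bytes) -> bool:
    """Round 2: check that a revealed value matches the earlier commitment."""
    expected = hashlib.sha256(nonce + contribution).digest()
    return hmac.compare_digest(commitment, expected)

def contract_id(parts) -> bytes:
    """Hash of the assembled contract; each part is length-prefixed."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

def negotiate(alice_part: bytes, bob_part: bytes, bob_reveals=None) -> bytes:
    """Simulate both sides. `bob_reveals` models a Bob who tries to swap in
    a different value after seeing Alice's part (constructed test input)."""
    # Round 1: both commitments are exchanged before anything is revealed.
    a_com, a_nonce = commit(alice_part)
    b_com, b_nonce = commit(bob_part)
    # Round 2: both sides reveal; each checks the other's opening.
    revealed = bob_part if bob_reveals is None else bob_reveals
    if not verify_opening(a_com, a_nonce, alice_part):
        raise ValueError("Alice's reveal does not match her commitment")
    if not verify_opening(b_com, b_nonce, revealed):
        raise ValueError("Bob's reveal does not match his commitment")
    # Only now is the contract assembled from the two fixed parts.
    return contract_id([alice_part, revealed])

if __name__ == "__main__":
    print(negotiate(b"alice-part", b"bob-part").hex())
    try:
        negotiate(b"alice-part", b"bob-part", bob_reveals=b"bob-other-part")
    except ValueError as e:
        print("rejected:", e)
```

The ordering is what matters: a reveal sent before the other side's commitment has arrived gives that side back the freedom the commitment was meant to remove.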