1: Don't publish your public keys. Keep them as secret you would keep your private keys.
2: Again: Treat your public keys as they were your credit card numbers. Would you enter your credit card number at some random untrusted USD to EUR exchange? Would you give your credit card number openly on this forum? Would you give your credit card number to some random wanting to give your money?
3: Yes you can give public keys. But treat them as your credit card number. ONLY give them to trusted people. Think of trusted people as like those nice webshops that you trust and know have good reputation. You freely give your cc to them.
4: Only deal with trusted indivuals.
5: Once a key is used, consider it void. After a adress has been used for a legit transaction, NEVER ever reuse that key. NEVER ever collect
any coins that may randomly fall into that adress.
6: If a public key does leak, make sure to claim all coins before any new coins appear at that adress, and then toss away the private key to the leaked public key.
7: If you get unknown coins at a adress, use a client that allows you to select coins, to make sure to only select non-stolen inputs, to claim all coins from adress.
8: If, and ever if, unknown coins ever get mixed with your own coins in some way making them unseparable without tracing you to the stolen source coin, toss all those coins overboard.
What a new user heard is "fuck all that I should keep using Paypal because it is safe". Most active users on BitcoinTalk aren't going to do all that. Even doing all that is no guarantee you won't get so called "tainted coins". What if Bitcoinica hadn't noticed the theft for 8 hours. How many users even doing all 8 stupid steps on every transaction could end up with "tainted coins".
What does this laundry list of complicated steps accomplish? Absolutely nothing.
What does massive conflicting registries of tainted coins databases? Absolutely nothing.
A bunch of running around in circles flailing hands and accomplishing nothing except to drive away new users.