I wanted to add here that it is worrying, how much power here is vested in developers. And as much of a great job they do, they do make mistakes. Every time I have to upgrade, there is always a thought on the back of my mind - what if there is a vulnerability or exploit? Even worse is that even those of us who don't upgrade for that reason still depend on the 50% of other nodes to be not vulnerable
This doesn't bother me one bit as I keep most of my coin on paper wallets. My exposure to a client bug is always limited to the amount of coin I have online at any given time.
I wish the idea of putting bitcoins on paper had more favor with the developers and was considered an important feature for the client. "Click File, Print, Print Money. Be your own bank." Specifically, having the private key sweep/import feature exposed in the UI and for it to not need a full blockchain scan to execute would go a long way toward users ability to protect themselves from risks, including future client bugs. The more this feature is offered by lightweight clients, the fewer full bitcoind nodes there are going to be on the network as people choose those other clients.
And this is what you don't realize, and many people don't either. With too-widespread software flaw, you can lose bitcoin EVEN if nobody picks your private key, or hacks into your PC. The bitcoin network is only as good as the software. If there is a critical bug introduced, and too many people use the client that has this bug, you could push through any transaction you want. Those would technically be invalid transactions, and clients not affected by bug would reject them, but if too many clients will accept, it will become de-facto a new block. And once a bunch of blocks are stacked over invalid block, it will be practically impossible to rollback. So, your paper money would lose the balance and you wouldn't even know.
This is why, to my mind, it is so important to have the most basic, the most minimal client possible.
Command line daemon could have been it, but unfortunately there are known, 100% reproducible bugs in it, such as
this one, that have been there for years, and nobody would put a permanent fix. I realize, I'm jumping from a critical bug scenario to the one of real low priority, but bugs like that are the reason not too many UIs exist for a daemon
