What have I missed?
a large number of pooled, colluding clients
Very tough to pull off, to begin with. And by default IIRC you try to spread out your connections based on IP or somesuch, besides the fact that you connect to a random number of things, and can always connect to a fallback node.
Would it really be that hard?
With some truly enormous (1/3 of the network and growing) pools running and the incentive of very real money to be mad is it that far-fetched to think that pools could become aggressive/defensive?
The operator or some member could distribute a "installer" which would perform these actions automatically. I expect most people wouldn't care if it benefits their bottom line and others could rationalize it under the guise of a defensive measure.
Also, these interference nodes wouldn't have to be big time hashers. A botnet could be put to use for the simple purpose of diluting the number of useful broadcast recipients or triangulating on DDoS targets rather than hashing directly as is more often suggested.
Search the forums for "Sybil attack" and you'll find relevant discussion.
Thanks. I'll have to check it out.