Nick's answer is very helpful, but might not be sufficient to get us (and BitCoin) in the clear. There may be a valid and grave concern based on the fact that crypto hashing functions aren't proven to satisfy constraints 2 and 3, so they potentially can be weak.

Even though people could switch away from a crypto hashing function to a better one, what would allow us to know for sure that someone isn't silently using the weakness of the hashing function to steal? Going undetected would allow you to leech from the bitcoin system, perhaps by getting an enormous share of mining rewards without expending nearly as much computing power. This kind of arbitrage could allow you to get rich off of every nerd who uses BitCoin (admittedly myself included) and some venture capitalists (I'm getting there ;) ). And since we're speculating, wouldn't it be convenient to develop a currency based on crypto if you want to get really rich? Obviously, exploiting it without removing its potential for growth and adoption...

If you know the exploit to SHA-256 and know how to leech off BTC and other crypto currencies, the altruistic and honorable thing to do is publish the exploit. The egocentric thing to do would be to abuse it.

I hope that someone will prove me wrong about this potential for abuse.

If not, it basically comes down to this: with great power comes great responsibility! Everybody says trust isn't needed with BitCoin. It STILL comes down to trust, but now trust that no one came up with this loophole or that the one who did isn't breaking the system more than it's contributing societal value.

I'd really have big respect for the person for choosing honor above personal gain. Unless you siphon the gains to a good cause, but even then I'm sure that a single person isn't best capable of handling those amounts of value. A crowd or even a market knows better how to allocate funds somewhat optimally.