The problem is that we are not decentralised from the viewpoint of governance. We are relying on third-party trust in exchanges and whoever owns the Steemit stake (or even large stakes like @freedom, @pumpkin or @theycallmedan!).
The fact that we have 30 votes for 20 consensus witnesses means that any one large stake can effectively decide who is there. In many ways we are fortunate that this time it wasn't truly a malicious attack... But this needs to be fixed.
On-chain governance (or any transaction, for that matter) requires that we don't need to either trust or bind accounts, which means that we need to find a way (perhaps limited votes that are at least smaller than half the consensus positions) to tweak the DPOS model.
However, this will lead to exchanges and possibly Steemit having consensus witnesses... And this is the price for a watertight DPOS model. Otherwise, we will forever remain vulnerable to attack. However, this also means that fewer of the old witnesses will reclaim their position. We will see who wants to put the Steem blockchain first...
I think one way to describe it is as a 51% attack. It's possible on a lot of blockchains.
DPOS makes it even easier, but it also allows difficult decisions to be made much quicker than on a chain like Bitcoin.
I think there will be a lot of talk on how to improve it later. I just don't like to make decisions when everyone has their guns out.
I think putting the Steem blockchain first is most important. There are quite a few groups that obviously aren't. I think some of them are now waking up to realize they have no future around here after the decisions they made. I really don't think Justin Sun will become their protector :|
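
The vote-limit argument from the first comment (30 approvals for 20 consensus seats, versus a limit below half the seats), as an added example that is not part of the thread or of Steem's code: a constructed stake-weighted approval election in Python. The stake figures, account names and the functions `elect` and `seats_captured` are assumptions made for illustration, and each holder is assumed to vote from a single account.

```python
def elect(stakes, ballots, seats, max_votes):
    """Stake-weighted approval vote: every approval carries the voter's full stake.

    Returns the `seats` witnesses with the most approving stake (ties by name).
    """
    tally = {}
    for voter, approved in ballots.items():
        approved = list(dict.fromkeys(approved))  # ignore duplicate approvals
        if len(approved) > max_votes:
            raise ValueError(f"{voter} cast more than {max_votes} approvals")
        for witness in approved:
            tally[witness] = tally.get(witness, 0) + stakes[voter]
    ranked = sorted(tally, key=lambda w: (-tally[w], w))
    return ranked[:seats]


def seats_captured(max_votes, seats=20, large_stake=60, small_holders=40):
    """Count consensus seats won by one large holder's slate.

    Constructed scenario (assumption): one account holds `large_stake` units,
    `small_holders` accounts hold 1 unit each and spread their approvals
    evenly over 20 community witnesses.
    """
    community = [f"community-{i:02d}" for i in range(seats)]
    slate = [f"large-holder-pick-{i:02d}" for i in range(seats)]
    per_ballot = min(max_votes, seats)

    stakes = {"large-holder": large_stake}
    ballots = {"large-holder": slate[:per_ballot]}
    for i in range(small_holders):
        name = f"small-{i:02d}"
        stakes[name] = 1
        # Rotate the starting point so every community witness gets support.
        ballots[name] = [community[(i + j) % seats] for j in range(per_ballot)]

    winners = elect(stakes, ballots, seats, max_votes)
    return sum(w.startswith("large-holder-pick-") for w in winners)


if __name__ == "__main__":
    for limit in (30, 9):
        print(f"{limit} approvals per account -> large holder fills "
              f"{seats_captured(limit)} of 20 consensus seats")
```

With 30 approvals the single large account fills all 20 seats; with 9 approvals the same stake is capped at 9 seats, because any witness it cannot approve is ranked on the other holders' stake alone.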