I think it's not entirely unlikely that we will be seeing combinations of #2 and #3. That way the opposition can both make a profit directly, increase their influence on the platform (maybe just to spam) as well as see their own business superior in the market place.

But we're more dedicated than them. Surely we could come up with DDOS and spam protections. For a first line defence against (second, if we count stake), my money is on creating a system of vote-negation and blacklisting (very similar in effect to what Steemcleaners has to do daily, but at another level), that would itself have to be supervised and limited only to affecting particular actions.

For instance, a certain number and pattern of regular money transactions from a particular account would remain unstoppable no matter what, but posting and commenting could be prevented if there is constant malicious activity.

This prevention method would have to be carefully thought out and openly experimented with before asking the community directly for their opinion on the matter of course.

My own example here is only a rough idea, without going into all of the specifics involved.