I think you are right. If a powerful block with a ton of computing power like China, Europe, or USA wanted to bring down BTC, they may be able to in theory. However, people could just reorg anything they did after the attack is done. Besides, I don't think they would bother until it is a massive threat to their economy because as you mentioned it won't actually give them a positive benefit and more likely eliminate a negative one. Also, it will probably allow analysists too much insight into their computing techniques and strenghts to risk it.

I do wonder how they can manage to make it take less time to withdraw without it being dangerous.

I think limiting APIs for withdraw would be an obvious idea. If you are engaged in arbitrage (giving your transfer key to 3rd parties), you don't get protection when hacked. BTC may be able to implement their own protective system.
I would only support a decentralized solution. I am still not sure how that would work.

One thing I could see is set up a kind of timed lock. For example if I hit 21st day of month or lock for 6 weeks, it is impossible to reverse. Allow people to set it for up to 1 year. That means those who want to keep it and forget it can.