You are right about that option. But I find it prudent to always reduce the chance of a type 2 error and increase the chance of a type 1 error (http://news.ycombinator.com/item?id=4081972). It is best to assume the worst and trust nothing whilst acting probabilistically than to assume perfection/trust and act deterministically.
Hence, in this case, if you assume everything is public, you reduce the harm that can come to you when the trust you have in a service fails you (as it may well do). Just like an investor - take on risk, minimise uncertainty and price catastrophe correctly. This gives you the best of both worlds - risk priced in proportion to reward. You can have your cake and eat it too - if you only take a slice and no more.
As a completely off-topic side note: Since I was introduced to statistics, I always forgot which error was type 1 and which was type 2. I had to read your link to find out.
In code, "int errorType = 1;" would be a badly chosen variable :)
The expressions "false positive" and "false negative" reveal more semantics than "type 1" and "type 2", and are therefore much easier to remember.
You are correct, my apologies for explaining with improper terms - that's the curse of knowledge I suppose.
I quickly forget that the "map" in my brain is about 10 times more detailed than the vector representation I detail in my answer - and it often lacks ideas that may be critical to understanding.
I will use false positive/negative terminology from now on - apologies for the dense language and propagating difficult to comprehend terms - I'll try to stop doing that :D.
While I do agree that false positive and false negative are better names, they do have one shortcoming in comparison:
Classical statistics suffers from the inference problem, where instead of "tested positive for presence" you have to say "tested negative for absence". So a type I error is a false negative as much as it is false positive, which can get confusing.
Hence, in this case, if you assume everything is public, you reduce the harm that can come to you when the trust you have in a service fails you (as it may well do). Just like an investor - take on risk, minimise uncertainty and price catastrophe correctly. This gives you the best of both worlds - risk priced in proportion to reward. You can have your cake and eat it too - if you only take a slice and no more.