okay so they can't watch porn or play RTS'

Well, as I said in that other thread (which I also can't remember the title of), at most, this will be offered as an optional alternative to, but will never replace, the standalone OS. This idea has been around for a (very) long time and it may be great for some business services, but it will never translate to the general public like "traditional" OSes have.

well if nothing else you'd have to have a dedicated device on the client end, be it customised WAN routers, specially built terminals or a regular server running a specialised app.

Oh, once again some nice bullshit on the "future of computing". Funny. So, the future is a no-go for the uber-powerful Intel microchips?
Seriously, if the netbook seems to be the nearest thing to those "net-PC" the so-called analysts (and Weclock, probably :-P) were predicting many years ago surely THIS IS NOT the future, because I'm not so stupid to put my porn.... ehm... P2P files in the hands of anyone else that is my damn hard disk on my damn, powerful and disconnected client-PC.

Heh, Web OS is probably the most retarded thing I've heard about. I've got a rather shifty web connection, and considering how unstable online connections can be, it's all just a bunch of shit. Plain and simple. I could see it at as kind like "on the move" thing, but not something for regular use.

Amen :-P
And btw, if the "future on the web" is pure rhetoric, the unreliability of a domestic connection and servers isn't. Period. Fyi:
- Don't trust the servers.

breaking news!
thanks google, you're ruining life for everyone.

So Google is looking to cash in on replacing one of the cheapest components of home PCs (HDD space) by creating an infosec nightmare. Somehow I don't see this replacing local storage anytime soon.

i don't think the first idea is to replace local storage, but to make your local storage accessible anywhere.
virtually however, this opens up the potential to keep your operating system on a server on the other side of the world.
web os.. as much as I hate it, I do believe it will come.

Local storage can already be accessed from a just about anywhere via various types of secure connections. The critically different aspect of what Google is proposing is that the data would be located on hardware not under the control of the end user (thus the end user has to trust someone else with the security and integrity of their data, someone who has very little stake in either of those things). Additionally, having the data of a large number of people stored through a single service makes that service a high value target for people looking to steal data, so while the individual security measures Google could provide might end up being superior to what individual users can come up with, the fact that more people would be focusing on breaking into the system would make the data overall less secure. And given the number of data breaches we see on a regular basis from companies I wouldn't even bet on Google's security being superior to the end users' own security from the start.
As for the web OS, until internet connectivity is fast enough and, most importantly, reliable enough (and I'm talking along the lines of four nines or better uptime), and the end user can be given a compelling reason why they should switch from a local OS, we're simply not going to see it happening (nor should we).

Actually, it does make sense for me in a variety of ways. First, there's a lot of data that I don't need frequent access to and which is usually split between my local HD array and a server I've rented in Karlsruhe. Especially for code and documentation it also really increases productivity tremendously when multiple people have access to the current version at all times, instead of trying to synchronize it through other means. For storage, it simply means that I don't have to hook up different hardware when I need access, but simply log in to my server and that's that. I don't need space at home and the provider can make use of my usused space to store other people's files, reducing costs. You can see this with email applications: No provider has enough space to host the full memory that they offer, but because few people actually use the full space, they only need a few percent of the memory they offer.
As for the average end user: Many people don't do anything with their PC besides checking their mails and a bit of word processing. Giving them a PC is pretty much overkill and a thin client can do wonders as maintenance is centralized and you don't have to install updates and so on over and over again. My graddad would probably be a lot more happier with a thin client. Yes, I'd still need a real OS, but I'm not exactly an average user.
Security wise there are ways to make it at least as secure as a normal system. A thinclient has a much more lightweight OS and therefore is less likely to contain security-relevant bugs. The server on the other end is maintained by a professional and should receive a lot better service than most endusers can do on their own. Data can be stored in encrypted form and a secure connection can reduce the danger of eavesdropping dramatically. I think that a thin client - fat server can potentially be a lot more secure than a traditional system.

The first thing you described, renting a server for making shared materials available and as an off-site back, is something I have absolutely no issue with and recognize as a very useful thing. It also poses very few security issues, outside of the typical vulnerabilities and major SNAFUs that you'll find across all tech solutions.
As for most people needing nothing more than a thin client, while this is true in terms of computing power, a thin client wouldn't offer much (if anything) in terms of price over a low-powered PC, not to mention that companies offering the OS as a service aren't likely to be doing it for free. Additionally, reliability will probably be decreased, as there are now two additional points of general failure, the server and the connection, in addition to the local hardware. At the company that I work for (~180 employee biotech company) we have midrange PCs for our offices, then low-powered PCs that we use in the labs which just run a remote desktop client to connect us to our office PCs (basically just acting as thin clients). About every 10 minutes the system hiccups due to either resyncing with the office PC or because of network congestion. It's no issue as computer use in the lab is pretty intermittent, but if I was trying to use a similar system for my home PC it would drive me batshit insane. And this is on a local area network managed by a dedicated IT staff. Thinking about something similar running over multiple networks (customer's ISP, backbone provider, server's ISP, etc), and by a company whose workers are well-insulated from any angry customers, and it sounds like an absolute nightmare to me.
Finally, from a security perspective, the key issue is that the data for a large number of people will be centralized in a single system. While the security for the centralized system would undoubtedly be far superior to any home PC the home PC is a low-value target, while the collected data (of tens or hundreds) of thousands of people is a high-value target and thus the security threats that the system has to defend against are much higher. Additionally, the weakest point of any security system is not a technical one, but rather is the human element, and the more people involved the bigger the chance that one of them will compromise the security of the system (most of the data breaches we hear about on an almost monthly basis are because of employees doing something stupid). A home user does something stupid and one person's data is compromised; an employee at a data storage company does something stupid and the data of thousands of people are compromised.