I noticed this table on page 16:
Table 2: Vulnerability of proof of work and proof of stake consensus mechanisms to attack vectors
Attack type PoW PoS Delegated PoS
Short range attack (e.g., bribe) − + −
Long range attack − + + 3*
Coin age accumulation attack − − −
Precomputing attack − + −
Denial of service + + +
Sybil attack + + +
− −
Selfish mining maybe − −
So I think this means BitShares has vulnerabilities for Long range attack, Denial of service & Sybil attack only according to BitFury. And the point 3* says Long range attack can be prevented by using social-driven security in addition to protocol rules.
3.8.3 Long Range Attack
Short range attacks described earlier in this section are made expensive in the case of delegated proof
of stake, so we need to consider the cost of long range attacks as well. For proof of work systems, the
cost of a long range attack is prohibitively high. For example, an attack on Bitcoin lasting for 1,000
blocks would require $4 million at very least (and, unlike a short range attack, it would be highly
visible as observed network hash rate would drop in half for an extended time).
In earlier versions of proof of stake, the cost of a long range attack would be much lower; as we
showed in the previous section, a one day long attack may cost about $5,000 in a system where a valid
blockchain is determined based on total destroyed coin age. In delegated PoS, an attack typically re-
quires collusion by 2/3 of delegates; its cost is difficult to assess, as delegated PoS protocols use differing methods to select, reward and punish delegates.
5 Conclusion
....
A recent development in proof of stake are delegated systems. While these systems solve several
major problems with the straightforward PoS implementations, they are not yet widespread, making
it difficult to evaluate their security. Nevertheless, delegated PoS solves the “nothing at stake” problem
and prevents short range attacks on the system.