The suggestions in that thread address avoiding the need to expose your private key while claiming new airdropped shares, but it is assumed that the original donation address private key is rock solid, 100% secure, and will never need to be changed.
I really can't imagine that all the original AGS donation addresses were paper wallets created on air gapped computers with private keys that never touched the network. In all likelihood they were normal wallets which continued to be used for other purposes after the donation.
Everyone keeps chiming in about how to keep private keys safe while claiming 3rd party DACs utilizing signed transactions, but this is completely missing the point in terms of security in my opinion. The root of the problem is a locked down original address.