We should realize that any technology without controls will be taken advantage of. There's a reason we've moved away from insecure default logins, unauthenticated admin portals and allowing apps to do whatever they want - those things have all been abused.

Security must start in the design. Spam killed pingbacks, and unless Webmentions design with that flaw in mind they're doomed to the same end.