you are absolutely right: "I am quite sure this battle is already lost", it is, for sure.
The idea of better controlling permissions on uploaded files, and all the innovations the repository system offers, is no question to further discussion.
But HOW this was technically solved, is quite worth the whole discussion taking place here.
a) a plain directory system where files and courses are clearly correlated without having to use extra tools or lookup tables in a database IS AN INVALUABLE advantage for system administrators
b) it is no question if you have to build up your server from scratch after a big big failure
c) I am administering Moodle since 2004 and NEVER had a total server loss
d) but in those years I migrated the whole Moodle-Server across 4 Hardware-Plattforms and it took me only a couple of hours to copy the whole data-disk. All the rest was to import the database dump and setting up the new server's OS, Apache, mySQL, PHP and Moodle came up running as if nothing had happened. And I had to change the data-disk several times to offer more space. This also can be achieved in a very transparent way: mount both disks, copy everything to the new disk, dismount old disk (but keep it another 6 months, just in case you need to fetch some files from there), change disk-path in Moodle's config.php. Moodle still IS a GREAT GREAT server and I would not want to change it, still from an admin's POV.
e) I never had a total loss BUT I HAVE LOTS of teacher incidents, missing this or that file, whole course is messed up (because they imported MS-Word-HTML), missing whole course, etc. etc. And my life was VERY VERY easy with 1.9 file system, no tables, no extra tools
f) imagine your system partially down, e.g. your mySQL-Database is down or corrupted. IN THIS CASE there is no tool, no Moodle tool, helping. This is the point of no return where you have to restore the whole system from tape. A partial recovery is not possible any more. But it was possible with 1.9 structures: you can recover the database dump, leaving the data-directory intact. Or the opposite, recover the whole or only parts of the data-directory, leaving the database as it is. In either case, missing a file or a whole course could be repaired by simply recovering the needed files from tape.
g) if I am not mistaken, if an uploaded file is not referenced any more, those files get deleted after a certain period of time. I am not sure if this is true for the referenced copies or if it is true also for uploaded files in the repository. Anyway dayly business shows us that user incidents are REAL. And they miss something when it is lost, either through automatic deletion, either because they deleted it themselves, however. BUT IT IS OUR job to give them back the data they miss. And if this can be done without extra tools, without lookup in the database, our admin life is the much simpler and easier.
h) in that perspective any extra tool that might help us is only a fix for something that worked without fix and without tool before. In other words, even sticking to the advantages of the 2 file system, everything should be done to keep things simple. The file system of an OS is a very simple database. No need to put another database on top of it. Even with simple file system structures, metadata and access permissions, resource-references, etc. etc. can be maintained in a database table. And what is the gain if an uploaded file is no more part of a course, but of a resource, only to be able to reference it more than once. Multiple reference IS A PROBLEM, even a button to UPDATE ALL REFERENCES will probably cause more harm than benefit, especially when teachers work in teams on different courses sharing one and the same file(name) and file-areas. Who will help them to keep track of the different versions they upload and the courses/resources where they want to keep one version rather than the new one. So I would have to teach them a fix again: NEVER UPLOAD a file with the same name! Change the name like that file01.pdf, file02.pdf so as to be sure you can reference the correct version in any course/resource, otherwise you will certainly loose track. And I would have to tell them also: NEVER USE THE UPDATE ALL REFERENCES button, unless you are the only teacher of your courses and you know well what you are doing.