Hi trogdor:
1 - Steemit, Inc operates steemit.com
2 - We are in the process of open sourcing the website. We can "live source it" once we have the resources to do so.
3 - Only on the level of web-app, the risks of censorship are similar to other sites that take direction from the government in they reside in. We're a US based C Corp, meaning we will likely need to be compliant in the way other sites are. However, Steemit is unique from others in that it's blockchain based so the most we can do is "hide" content. Users will always be able to point to our site and say hey Steemit is censoring because I can see that content on the blockchain and IPFS. The transparency helps everyone and puts us in a great position where we don't really have the power to censor anything.
4 - Steemit doesn't store private keys or passwords and with the coming source code the community will be able to monitor this to ensure complete security. This should become standard for any Steem-based web apps.
As an aside, please see steemd.com as a reference for what other web apps also see from the Steem blockchain.
RE: Security/Censorship questions for steemit.com