Sure, but it provides an interesting context. $75k at Amazon's EC2 prices gives you a good idea of what the ballpark is - i.e. reasonably accessible for any large organization, esp. criminal organizations.
If EC2 can collide SHA-1 with $75k of rented GPU time, imagine how trivial it is for an organization willing to buy $100k of dedicated GPU compute hardware to devote to colliding SHA-1 certificates. You don't even have to botnet once you have enough working capital.
Never mind how trivial it is for an organization like the NSA or GCH to do this sort of thing with their existing hardware.
The biggest risk doing this on a botnet that I can see is that there's a chance some researcher looks at what you're doing and alarms the world before you get a result. There's no big risk of that on EC2.
Using a botnet for compute has opportunity cost attached to it. However, I have no idea about the usual prices when they are rented.
If EC2 can collide SHA-1 with $75k of rented GPU time, imagine how trivial it is for an organization willing to buy $100k of dedicated GPU compute hardware to devote to colliding SHA-1 certificates. You don't even have to botnet once you have enough working capital.
Never mind how trivial it is for an organization like the NSA or GCH to do this sort of thing with their existing hardware.