by rivepica 971 days ago
The issue here is the high financial burden to have a secure/signed release, not the security itself.
2 comments

I always assumed it wasn't the cost per se that provided value; malware authors certainly could lay hands on $630. The value is in actually asserting authorship & tying it to a legal identity.

I'd assume creating a fake persona / faking whatever is required to satisfy the identity checks that come with that $630 is the actual deterrent. If it was cheap to perform the actual identity checks it would still provide this effect.

And arguably the issue also isn't with money - it's that the value in "actually asserting authorship & tying it to a legal identity" is primarily a value for commercial vendors and platform owners. It's forcing open source developers to entangle themselves in the very system that open source culture is (or was) fundamentally in opposition to.

High financial burden? It’s something like $600. For me, the tragedy is that something as useful and valuable as ImageMagick is scraping by with so little support from end users and other companies and projects that use it.