I'm not sure how you justify the Sony attacks but I'm sure it had something to do with corporate greed and perceived threats to free speech.
I don't see why having private keys on a server would be less secure than having these on your laptop/phone, which is much easier to steal or borrow...
My laptop is only vulnerable to theft by people I am in physical contact with and is generally my responsibly to secure while connected to the Internet. Placing SSH keys on a server means I'm giving these keys and any access they grant to the admins of said server and am placing my trust in them to keep them secure. This is fine for automated trust relationships between hosts but not generally a good idea for personal keys.
Variables don't; constants aren't.