I’m very shocked that you as a former supporter of permissionless, proof-of-work, have apparently become hoodwinked and think that (necessarily permissioned) Byzantine agreement is adequate. Must be the lucrative sneakymine that changed your technological mind.
You're overgeneralizing. I'm responding to your narrow point about the DPoS being down. That didn't happen, which isn't even to say that it can't happen, but it hasn't yet (except as I noted earlier by bugs in the first few months of deployment).
I'm pretty skeptical about Steem/it (or EOS) ever becoming a decentralized permissionless system. It's at best semi-centralized in practice certainly and by design to some extent too.
Block producers have to take incoming data from the outside thus they must be contactable from the outside.
No, they do not have to be
contactable. They only need to be
connected in some manner to the p2p network. That can be through a combination of known and unknown nodes. It could be by passively listening to a broadcast signal and transmitting their signed blocks by (fast) carrier pigeon. The asymmetry favors the defender here because an attacker has to cut off
all communication (and to effectively attack the network has to do this to most of the block producers), the defender only needs to maintain
some minimum communication. Even then if the node is completely cut off, the defender can switch to a completely different node. I don't see the resulting whack a mole as a serious threat, more of an annoyance.