Only time will be able to arbitrate this one, but we have consistently pushed out time-lines to ensure that Ethereum remains safe. Ethereum core development definitely favours partition tolerance and safety over liveness.
There are 141,139 validators active in Ethereum as we speak (source: https://beaconcha.in/), corrupting that many people is very difficult. There are smaller PoS systems with eg. tens of validators which are more susceptible to state capture.
Bitcoin (the network with the most mining effort) lost 25% of their hashing power due to blackouts in Xinjiang. (Soure: https://twitter.com/nic__carter/status/1384938089748041730?s...) State capture of a majority of Bitcoin miners is comparatively easy.
In addition, independent miners have less hardware and that hardware is generally less efficient when compared to the large ASIC farms. In reality a recovery would probably require social consensus and a hard fork
Here are a few of the reasons that come to mind as to why this transition has been taking us so long:
* The design of the Beacon Chain is far more optimised than our initial designs for a PoS system
* There are far more crypto-economic edge cases in a PoS system when compared to PoW
* Software development is hard and time estimates are even harder
* The use of a hybrid fork choice to balance safety and liveness trade-offs
* There is a crazy amount of value being handles on Ethereum so it is necessary to be conservative with our changes (move fast and break things is not an option)
* There are 4 concurrent implementations being developed all of which need to be inter-compatible, and production ready
* As Ethereum governance is decentralised we need a shelling point for exactly what Ethereum PoS looks like, this takes time
* We have worked hard to create, encourage, and embrace standards with other chains so that the cryptocurrency community of tomorrow is more inter-compatible (eg. IETF BLS standard or libp2p networking)
* We have spent time designing around quantum-computing resistant backups for the majority of the cryptography (eg. validators all have a Lamport backup key though most don't realise it)
* New cryptography has been developed and previously abandoned schemes revitalised (eg. Verifiable Delay Functions or the Legendre PRF)