Quite-good is stretching it a bit. It's serviceable but it's still Electron with gazillion megabytes of RAM taken for no reason and absolute nightmare on laptops since browsers like waking CPU a lot.
MeanEYE
They are thinking "your computer, your problem".
It has been known and they can't really change it. I think it's only now that people are realizing this is an issue or at least something happened to start the avalanche.
Idea of using a web browser for a platform was dumb enough and the reason why none of the keys were stored in appropriate services.
For Linux not much of a problem since amount of malware is not that big. On Windows however a different story.
It's actually by design. First of all they shot themselves in the foot by choosing Electron as platform to build desktop applications as Electron has no integration with the rest of the system, at least not as deep as native application has. Both Linux and, I believe, MacOS have secure storage programs for keys and passwords. Windows however does not, at least it didn't back when we got screwed. So this is another reason why they chose to store in clear text, you have to cater to largest audience no matter how dumb the solution is.
In its truest sense this is what a technical debt is. Shitty choice costing you increasingly more as the time goes on and now they are simply too deep to pull out. They are committed to this approach and simply switching would require too much money and effort.
And you are right, it's 100% security hole and a juicy attack vector. FileZilla did the same thing and there's malware out there specifically targeting this software and is using user's servers for propagation. Our systems got infected the same way long time ago because one of employees was retarded enough to use FileZilla and save password in config file even though I said not to. Since password was saved in clear text format and FTP is not terribly hard protocol to implement we got screwed. After that incident when our servers were almost taken down from internet, FTP was banned and any form of password login without two factors.
I don't think they can force you. There was even a legal case I think.
Yup. Trains are stupidly efficient.
One train! A single train track solves all of this. No need for two. Just one. In the picture you don't see more than 500 or so people and that fits in no more than 5 modern train cars, with toilets, refreshments and other amenities. And it moves faster.
Japan pretty much has it figured out. Bunch of trains, slow or fast, fancy or frugal. Whatever fits you there's an option. You can get a Pikachu train with a shop and children's playground if you want to.
In USA they fund maintenance by developing the sprawl. So they are stuck in this circle where if they don't develop, they can't maintain, but developing means more surface to maintain, etc.
I don't know why they didn't just make it a web application. It's the same damn thing. Just like there's web.whatsapp.com, make Signal the same way. At least that way I get to use my own browser and in a single instance.