Centralization - it's not only who can control network. It's also about how easy it is to censure, regulate or close it. Having so small group of players with such big power (BPs have much more power in EOS than miners in Bitcoin or Ethereum).
Another thing is that Block.One owns 10% of tokens. And actually uses them to vote. At the moment only 30% of tokens are staked to vote. so Block.One has 1/3 of decision power! Additionally they have authority. Same as Ethereum community is listening to Vitalik, EOS community is listening to Dan.
And finally, how about exchanges. Can they vote in name of their users? What if they will? Sounds scary.
Bugs - bugs can happen everywhere. Early days in Bitcoin there were critical bugs. But stop for a moment. We're talking about 4 billion dollars network. We didn't see any critical bugs in Bitcoin for years. Even when its market cap was significantly smaller than current market cap of EOS.
go HODL away - but in same time "you must lock up your tokens to vote". So if I vote, then HODLing and waiting until the cows come home is ok? Or how?
Possibility of loosing account is very scary.
You forgetting about very important feature of blockchain for being PERMISSIONLESS. You don't need permission to use it. In any way. Only math and code sets limits. Not people. In EOS people (those who are BPs) decide which account to lock, which app can run on network etc.
EOS is not Bitcoin
... and don't have to be.
EOS is not decentralised and permission less in a way we used to see in Bitcoin or Ethereum. From other hand it don't have to. Control of most of ICO tokens are owned by central authority. Startup founders decides which tokens to accept in their products, when to accept them.
For such "decentralised centralised" apps EOS should work well.
It gives cheap transactions, better speed, audit-ability and transparency. That's totally enough. In many cases you don't need true decentralisation. You just need good platform for running your dApps.