If they hosted on VMs they would simply hop from one place to the other. The problem is that all of this stuff is "difficult" and no one would be writing stories about how great signal is if it could switch between thousands of companies that provide VMs to masses.
We do not have these thousands of companies because AWS/GCS/Azure are the go to. Well, guess what? That means that objectively there are three kings of the world and the lieutenants of those kings get to decide what is and is not allowed.
> If they hosted on VMs they would simply hop from one place to the other.
No, that isn't a good enough solution. Signal needs to be reliable, or it's not worth having at all. The fundamental problem is node discovery: allowing the users to discover the IP address of the mothership (or, if you prefer, other members of the P2P network, but Signal is a centralized network) without the oppressive regime finding those IP addresses. Domain fronting was supposed to be a "cut the knot" solution, but CDN providers are shutting it down.
Tor's approach has been to use a La Resistance approach, where Dave in the US runs an obfsproxy node for Yasim and his twelve trusted friends, that's how node discovery works, and as long as Dave is a good sysadmin and nobody squeals it's reliable. Personally, I think that's the only sustainable solution, but it's not very user-friendly, because you need to have trusted confidants on the other side of the firewall that your government doesn't know about. Signal can't be that trusted confidant, though I imagine Signal works over Tor just fine if you set it up.
