AF 447 was not brought down by a design philosophy, it was brought down by a set of events which are not, as yet, known with sufficient completeness to draw ANY conclusions as to proximate cause, much less contributory causes. Furthermore, the only thing that preconceptions (positive or negative) regarding design philosophy can do at this stage of the investigation is to reduce the completeness of the analysis of the empirical evidence, to the overall detriment of the proper objective, which is improving aviation safety.
Something else important to keep in mind, before condemning the design philosophy whenever there is a severe incident or accident affecting an FBW aircraft, is a characteristic of abnormal incidents that occurs for ALL types of embedded computer systems. (Indeed, a characteristic that is well known in the embedded computer industry, and was widely discussed 40 years ago, but is largely taken for granted today.) Whenever an embedded system is widely deployed to control (or "automate") a formerly-manual process, the proportion of severe abnormal incidents goes up while the total number of abnormal incidents goes down. Note it is the PROPORTION that goes up -- the total number of abnormal incidents goes down, but the embedded system is so good at dealing with routine problems that the number of common incidents is reduced far more than the number of unusual/severe incidents.
In the case of sophisticated flight control systems (all of them, not just Airbus), the very presence of the system may increase the risk of extreme or severe events by doing such a good job of dealing with common events that the (collective) exposure of those aircraft to the possibility of the uncommon events goes up.
For an excellent discussion of the differing kinds of risks that affect complex systems, see
Epistemic and Aleatory Risk « Dark Matter
That author has also written interesting material regarding AF 447 from a systems safety perspective, see
The Airbus A330 Aircraft & System Safety « Dark Matter