The hash chain works really well, actually, even for local storage.
Attackers aren't going to just wipe out logs because that can make it painfully obvious that there's been a breakin. Removing or changing individual log entries is much more subtle, but with the hash chain this becomes very difficult; the attacker would have to rewrite the entire chain from the first message he wanted to modify.
This can clearly be combined with remote logging facilities. Better yet, it removes the need for infrastructure explicitly targetted at remote logging and instead just lets you use an existing backup service, and some tools to see if the "branches" of the logs match up between previous backups or not.
This is _exactly_ what git does.
In the end, while never losing data is important, knowing that you have modified data is significantly more important. People who can do so should have remote logging and very strict security rules, but the rest of us who have a single Linux box and an SFTP backup service (if we're lucky) shouldn't be screwed out of _all_ security features.