> If you alone are the trustworthy entity, things work better.
That really, really depends on how trustworthy you are, doesn't it? I would argue that most computer users don't and shouldn't trust themselves to secure against low-level threats, and some of the people who do trust themselves really shouldn't.
Yup. I run Debian instead of Gentoo because, for various reasons, I trust the Debian project to be better at things (like triaging, backporting, compiling, and testing security updates promptly and correctly) than I trust myself. I think this is a common decision.
I later extended this logic and bought a Chromebook—a decision I don't take lightly, as a free-software advocate, but I was not convinced that there was an alternative that effectively let me retain more control over my computing. One of the things the Chromebook does that basically nobody else does (systemd vaguely wants to do this, my previous employer wanted to do this for our customers, etc., but I don't think anyone actually does) is it enforces a secure-boot-style thing for the entire OS, and makes it hard for anyone who doesn't have the signing key to take control of my computing away with me. In an ideal world, someone other than Google would have the signing key. But per the logic above, I definitely don't want it to be me.
That really, really depends on how trustworthy you are, doesn't it? I would argue that most computer users don't and shouldn't trust themselves to secure against low-level threats, and some of the people who do trust themselves really shouldn't.