That resolves the tinkering vs intrusive vendor issue. However it doesn't address the privacy, autonomy, or user freedom angles.

By autonomy I mean (for example) the inability to perform a proper backup on a "secure" android system. By privacy I refer to the fact that the vendor can see everything you do even in the VM. User freedom is only an issue when you can't boot an "insecure" OS on the platform, but if nothing will run when you do that the situation isn't much different. For example, technically I have the freedom to run DOS today but in reality I won't be getting much done if I do.

Addressing the privacy issue we've at least got confidential VMs now. However at that point we've just pushed all the issues down a level and the same drama plays out again with the hardware vendor.

No, a single GPU can support virtualization and be shared among multiple visitors.

>the inability to perform a proper backup on a "secure" android system.

This is by design as a "proper" backup violates Android's security model. Instead a backup system that respects Android's security model was built. Autonomy is given up but in exchange the high level functionality remains the same and there is better security.

>By privacy I refer to the fact that the vendor can see everything you do even in the VM.

What does this even mean? There is no fundamental reason for spyware to exist and even if there was that is independent to using virtualization.

>User freedom is only an issue when you can't boot an "insecure" OS on the platform

User freedom and security are orthogonal, but due to Turing completeness almost everything will support booting insecure operating systems.

>but if nothing will run when you do that the situation isn't much different.

If there is no market demand for running applications on insecure platforms then perhaps that's an okay situation to be in.

Do you really think I'm unaware of that? Have you tried it lately? Most (nearly all) consumer level hardware doesn't support it and (I might be wrong about this next bit but IIRC) you won't get full performance because most solutions partition the hardware rather than multiplexing it.

> This is by design as a "proper" backup violates Android's security model.

I'm aware. That doesn't address the problem.

> the high level functionality remains the same

Absolutely false. Apple at least built a solution that appears to perform as advertised even if I vehemently disagree with the underlying security model and believe that it is actively making society worse off in the long run. Google has failed miserably at that (at least last I checked, which was a few years ago TBF).

> and there is better security.

By whose definition? The officially sanctioned security model does not provide anything of value to me (from a technical perspective) relative to having full control over my device.

> What does this even mean?

It means that if someone else has control over the software on my device then outside of a truly unusual end-to-end code auditing arrangement I can never be confident that I'm not being watched.

> There is no fundamental reason for spyware to exist

What sort of drugs are you on over there? Ad tech is a massive industry. There are all manner of motivations to hoover up user data from market research to selling it to authoritarian tendencies.

> User freedom and security are orthogonal

Notice the quotes. By "insecure" I mean not provided by BigTech and system state attested by a whitelisted HSM.

> due to Turing completeness almost everything will support booting insecure operating systems.

Have you tried customizing the OS on a vendor bootloader locked mobile device lately?

> If there is no market demand for running applications on insecure platforms then perhaps that's an okay situation to be in.

Sophistry. It's user choice due to a combination of lack of awareness and understanding, a preference for convenience even when that's detrimental to society in the long term, and the resultant network effects.

Some cards are just limited by the firmware and have hardware support. Microsoft can work together with GPU vendors to get the ecosystem into a state where things will work.

>The officially sanctioned security model does not provide anything of value to me (from a technical perspective)

What about things like malware not being able to steal all of your accounts from your device?

>I can never be confident that I'm not being watched.

Most operating systems have implemented features to let you know when the camera is being used.

>Ad tech is a massive industry.

Adtech is not spy tech. And it doesn't work by seeing everything you do.

>Have you tried customizing the OS on a vendor bootloader locked mobile device lately?

If it's locked then you can't change the operating system that initially loads up, but you can still run a second operating system within the other.

>detrimental to society in the long term

I fail to sympathize when these "detriments" are antisocial things like being unable to cheat in games or being unable to pirate copyrighted works. We already experienced a reality where there was 0 security and it turned out that it was extremely abused inspiring the next generation of computing platforms that offered security and were able to partially mitigate antisocial behavior.

The android (or apple, or whatever) security model doesn't stop that. Malware will perpetually be one zero day away from having root.

It is true that those security models do a decent job of stopping users from shooting themselves in the foot, at least in certain ways. The way they go about it isn't of value to me though.

> > I can never be confident that I'm not being watched.

> Most operating systems have implemented features to let you know when the camera is being used.

Obviously I am referring either to the author of the OS or to the device vendor here (which one depends on the scenario being considered). In either case you can't rely on that party to voluntarily report their own wrongdoing. Hence my reference to a code auditing arrangement.

> > Ad tech is a massive industry.

> Adtech is not spy tech. And it doesn't work by seeing everything you do.

I don't know if you're delusional or interacting in bad faith but either way it doesn't seem we're going to get anywhere when you're saying things like this. It is plainly obvious that there are all sorts of motivations for spyware to exist.

A fairly simple proof is it currently exists, it was created, someone was motivated to do that.

> I fail to sympathize when these "detriments" are antisocial things like being unable to cheat in games or being unable to pirate copyrighted works.

The long term detriments are things like living in an authoritarian panopticon and needing permission from unelected corporate overlords to run any particular app, all on a device that (in the future) you absolutely depend on to perform even basic functions in society. Computer security and the BigTech anti-user security model are entirely different things that you are intentionally conflating here. Your world view resembles a cardboard cutout manufactured at a business strategy meeting.

... that many apps don't use and that's the point. Even today there are still games that don't even do cloud synchronization.

The problem is, as always, cheaters and microtransaction forgeries.