So AFAICT, in practice a locked bootloader makes no difference to the most common attacks I’ve seen on my devices and that of friends&family. Seems like a far cry from your original claim that “This means that the most essential feature for your safety, the metaphorical lock on the front door of your house, is left broken and loose.”
But my point is that a remote attacker using privilege escalation can already do all of that even with a locked bootloader. “rootkits” don’t need an unlocked bootloader.
Sorry, but that page does not seem to say what you wrote. E.g. I can’t see how a remote attacker (such as a malign webpage, email, application, …) could take advantage of an unlocked bootloader without being able to see (and modify) all the data on your phone. IOW I think what you write applies only to an attacker who has physically taken your phone (temporarily).
Your links are all broken (because of “…” elision)
Can someone point me at technical info about the risks of having an unlocked bootloader? From where I stand, the risks seem completely irrelevant (to take advantage of an unlocked bootloader, the attacker would need to have full access to your OS already). AFAIK, locking of bootloaders was never designed to protect the user, but only to let cell-phone providers restrict what phone users can do.
The question is: are they going to do something about it?
I don’t think it’s a question of willingness to understand, but one of disagreement about the seriousness of the problem. Not to mention the implict idea that a “verified boot” is the only way to get that result. E.g. it’s very easy to get to a “safe factory state” without that kind of locking, for example with an immutable boot loader, as is typically present in many ARM SoCs (Allwinner, Rockchip, …). In that case you can revert to a safe state by downloading a known good OS image (using a trusted machine) and installing that image using only the immutable bootloader.