it's not just about you
"Why did you arbitrarily exclude rooting and installing a 7.1.2 custom ROM? You are of El Reg's readership. The standard is higher here."
I'm not the OP, but I'm gonna answer: Because the article isn't exclusively about The Register's readership? It's "about" the whole market. It is a good thing in general that Apple actually keeps their older devices updated with security patches for a long time, *officially*. It is a bad thing that many Android phone vendors do not.
I have an Android phone, and I run Lineage on it, and I've been doing that with various Android phones for years. Fine for me! (Except actually, doing it is kind of a giant PITA I would be much happier to avoid, if there were a *single* vendor I could trust to sell me a good phone with non-spyware-riddled firmware and keep it updated for a few years. But...there isn't. So I keep losing hours of my life to working out the latest ins and outs of bootloader unlocks and root exploits and all the rest of it.) But it's *not* fine for the vast majority of Android phone owners, who don't realistically have that option. Their choices are to stay on the eternal yearly upgrade treadmill (not great for their wallet or for the environment), or use a phone with known security vulnerabilities. Having millions of people running known-insecure OSes is not good for *anyone*.