Pixel's are locked down a very tiny bit, and I don't think this is some kind of dystopian over-reach with security as an excuse. For all the security listed in this thread the whole "I must connect to the internet once" problem is a very fair tradeoff from the user's perspective.
This would only be a problem not when you first buy the phone but only if you buy a very very old used phone that has never had the OS replaced and google has exited the phone business and if you wanted to replace the OS.
One of the problems with this is that Google can change the behavior at any time. We have no shortage of examples of big tech companies changing something that's valuable to users because it no longer aligned with their business goals.
The internet is not a thing you connect to, what you must actually do is register your intent to disable the bootloader with an adversarially controlled server, and that server must respond with a yes.
If the root comment is to be believed, this (connecting via the internet to Google's servers), is required to provide additional security. I'm just taking that as true and deciding that connecting to the provider of my phone's hardware and software _once_ as a purchaser of their hardware, is fine for me. I also imagine it's not too burdensome for others.
Scenarios in which that's not possible are hypothetical (disaster, totalitarian takeover, alien invasion, sudden policy change), and I'm fine calculating that into the risk calculus and deciding that, yep I don't mind driving home and unlocking it the same day I bought it and praying nothing changes in their policy during the drive.
That's basically what I did. We can disagree on this, but it has worked out OK so far.
In return for this feature a class of lower income users are able to buy hundreds of millions of phones and pay for them over an extended period using monthly payments on their phone account. This is the trade-off Google makes.
