Sadly, the problem isn't the TPM or Remote Attestation. It's Google et al choosing to only talk to devices and software they like without concern for what the user wants or trusts. Compounded by everyone else just going along with it.

A TPM where the device owner can't take ownership of the root key is worse then no TPM at all.

If the price to pay for security is freedom, then let users's devices be insecure. With time, they will learn good security hygiene. And if they don't, maybe they don't deserve it.