> Of course— you could counter that market forces will temper that kind
> of lock-down.
Sure. There's also nobody buying closed cellphones...
If the legitimate security concern is really all there is to it (I doubt it), I think this scheme could work:
Connecting to the internet is only allowed if you buy mandatory insurance (as is done for cars). The insurance has to pay out if your device harms the network (DoS, Spam, Worm, whatever). Rational insurers can ask lower premiums for operating systems and/or configurations that they found to be less risky. That you really run this configuration could be enforced contractually, or even via this fancy remote attestation. Other models are lower/increasing premiums according to a user's incidence record.