@marinny , you've got a lot there. Let me try to address most of it, but first let me say unequivocally that I am not apologizing for Google. They are an arrogant bunch, in their own hippy-dippy way.
As to having experience with Windows, I am a Windows network administrator and director of IT for a logistics company in the Mid-Atlantic (VA through NY) and we run a Windows enterprise. Forget everything you know about windows. Android is a different animal. Android is built on a Linux kernel and is a compact, lightweight, but very robust OS (which is why it works so well in embedded applications like cars and appliances).
Permissions has always been a heated topic of discussion. Linux has had very strict permissions from the beginning when Windows had virtually none. Even when the NT kernel was introduced at the consumer level with XP, almost everyone ran their OS in an administrative account. When MS tried to enforce that in Vista, there was such pushback from consumers that Vista got a bad rap and everyone pretty much ignored the permissions aspect. To this day I have IT staff that insist on elevating their user accounts to the administrator group so they don't have to elevate permission every time they need to access something in the protected files and folders of the OS. It's sloppy, lazy and dangerous.
In my opinion, it's the right way to run a secure OS. It appears that that is Google's opinion as well and I'm perfectly happy with the restrictions and inconveniences. Now, they did get them a bit tangled in Kitkat where folders that should have been more accessible were very restricted. That has been addressed in Marshmallow and Nougat. And, while the security is still present, they are behaving a little better and have given users MORE control over what those permissions are.
As to rooting or unlocking ... This has a few different aspects to it. First is the support issue. There will always be people who stick their virtual fingers into things where they don't belong and muck things up. And, no matter how big you make the sign "proceed at your own risk" or "If you do this, we won't help you fix it" they will still blame Google for having such a [insert sardonic hyperbole here] operating system. It's takes resources and makes for bad customer relations. If they make it harder to mess up beyond a factory reset, then that's all the fewer needless support calls from people with self inflicted wounds.
That said, I have rooted every phone I have ever had for one reason or another. However, I am currently running an unrooted Nexus 6 as my daily drive purely stock 6.01. I haven't seen the need to root in over a year. Now, the first thing I do, too is unlock my bootloader so I can flash updates early, but that's a different issue and I understand the risks and accept the responsibility.
The secure bootloader is necessary for primarily security. Phones these days carry a lot of personal information, and in the business or govt. world very sensitive information that needs to be safeguarded. Without these protections anyone with access to the device could potentially have access to the information stored on the phone and anything linked to it. Dragging out the tired old automotive analogy book, even though you own the car, you wouldn't want to grant the average driver access to the car's computer to mess with engine or safety settings (or worse, disabling them).
In an abstract and theoretical universe, I do agree that the owner of a device should be able to do whatever they want with it (as long as it doesn't violate any laws or hurt anyone else). As someone who has had to fix other's mistakes, i can tell you that 80% of users need to be locked out for their own good.
Now, moving apps to SD ... As
@Hadron and I have stated, in Android 4.x they revamped the file system and virtualized the storage and system volumes to dynamically allocate (internal) space as needed. This includes the internal /sdcard partition which is where apps would theoretically be moved to. Now with the system, user and sd card partitions all sharing the same memory space, it is moot where Android saves them as the default installation will allocate space as needed. Moving them to the sd partition just 'rearranges the furniture' as it were without giving you any more room or better performance. That's why it's greyed out for many apps even if the OS permits it. It's pointless.
Now, you have a physical SD card. If you hear a loud rattling sound, that is my head shaking back and forth. SD cards should be for temporary storage only. They are slow and notoriously unreliable. They fail indiscriminately and often without warning. When they do, much, if not all is unrecoverable. And they were never intended for the continual read/write operations of an active application or service which shortens their lives. In the beginning of Android's life, when internal memory was slow and expensive and devices were shipping with 1GB total for both memory and storage, then SD cards were the only way to expand the capacity. Unfortunately once you have given someone something it is very hard to take it back (at least without a lot of moaning.) Google's paradigm is (and always had been) to use the cloud as your external storage. That's why the trend is more internal memory and no SD card slots. While it might not cost that much just to engineer one into phones, it goes against the ideal, like putting a floppy disk drive in a laptop these days.
Of course other manufacturers like Samsung and LG do include SD card slots and let you expand internal storage to them to effective give you more room, but, for me, that's like tying a trailer to your Honda Accord and driving cross country. It will hold you back and put the contents at risk.
To paraphrase Blaise Pascal, I'm sorry I wrote such a long response, but I didn't have time to write a short one.
