Telling these people about threat modeling completely destroys their arguments. The arguments are lazy, a thin veneer for corporate profiteering, rent seeking, and restrictive behavior.
Youre right - granny isn't installing unsigned binaries and anyone proclaiming otherwise is just bullshitting you.
The reality is that there is no security here. We have massive, glaring holes in the systems we use. Adding a door lock when there's a giant hole in the wall next to it does nothing.
Granny is being scammed via phone, but nobody wants to fix that. I wonder why? Hm, maybe money has something to do with it.
This granny is mythical - granny isn't installing unsigned binaries off an alternative app store. Let's not argue dishonestly - we both know how scams actually happen. That statistic is less than worthless in this context.
If you had told me many years ago end users would be opening powershell prompts and willingly copy pasting commands into them to infect themselves with infostealer malware, i wouldn't have believed you yet here we are with ClickFix
(I'm not totally against it, the mythical grandma would otherwise lose all her savings because of an animated dancing monkey exe)