IMO promoting 'security holes' as a mechanism of freeing your device is counter-intuitive. What everyone needs is a safe way of running their own software; security bugs are toxic to the entire ecosystem.
I agree. Just that the parent's point that "Google (and vendors) certainly wouldn't like users to have unrestricted access to their phones" doesn't make sense in light of this fact.
Unlocking the phone does a factory reset, right? So you won't have access to any data that your phone holds (unless you were able to export it or store on SD card).
And, if I understand things correctly, custom ROMs do not have Google Play. Well, in reality they do, but I believe Play .apk's floating around are just warez. Maybe I'm wrong on this matter, though (please correct me if I am). But if I'm right, then, legally, phones flashed with custom ROM should not have access to Google Play.
So you're certainly allowed to put whatever software you want (if you can write, build or find one, huh) on your hardware. But, at the same time, you're not welcomed to tinker with Android as provided out of box, except in a way you're allowed by vendor.
I'm not advocating hacks to get root by any means, though. They're security holes that are exploited in a lack of better ways.
Unlocking does a factory reset by design. If someone was to steal your (locked, password-protected) device, and could unlock it without wiping, they could just flash an update that bypassed the password and dump all of your data. Or even worse flash an update that silently gave attackers remote access and put the device back in your possession.
Not wiping when unlocking the bootloader is a security hole.
Google authorizes distribution of their apps through a separate channel. This issue was resolved when CM was present a C&D in early 2011 (iirc) for distributing Google apps with the ROM image. My understanding is that as long as Google apps are in a separate file, Google consents to the distribution, at least in the case of CM. IANAL.
...which is why the first thing I did when I bought my Nexus was fastboot oem unlock. No worries about a factory reset when I hadn't put anything on it to begin with.
