No! It's not about "compared to the alternatives", it should be, "compared to what it could be, without hideous restrictions to the end user". And in this regard, I think it probably does count as abysmal.
If I remember correctly, android inc / google set out (with Android) explicitly to create a rebrandable reasonably customisable OS base that all the phone manufacturers could use, modify, set up for their phones, etc.
It was intended, and certainly branded to device manufacturers as an OS they can use and 'get all the apps'.
The hard/firmware side is part of the OS. By allowing Android to be run on any device w/o decent security, the OS inherits that.
A better solution (to my mind) would have been to restrict manufacturers from using the Android brand unless they guarenteed a certain level of support and security updates, etc.
Also, having a central (google level) set of base packages which get constant updates and are pulled into all phones, regardless of brand.
