This is false. This concern is addressed in the second paragraph of the linked article:
> this passcode-protected key material is encrypted to a Titan security chip on our datacenter floor. The Titan chip is configured to only release the backup decryption key when presented with a correct claim derived from the user's passcode. Because the Titan chip must authorize every access to the decryption key, it can permanently block access after too many incorrect attempts at guessing the user’s passcode, thus mitigating brute force attacks. The limited number of incorrect attempts is strictly enforced by a custom Titan firmware that cannot be updated without erasing the contents of the chip. By design, this means that no one (including Google) can access a user's backed-up application data without specifically knowing their passcode.
This is true for iOS as well as every other widely used computing platform. Android is better; unlike iOS you can build AOSP yourself without the Google proprietary parts, and unlike iPhones, Pixel phones have unlockable bootloaders so you can install your own OS builds.
Even most PCs running Linux have plenty of nonfree binaries in various firmwares and common peripheral drivers. I support efforts to make devices with fully open firmware on which you could run Android's AOSP or other open source operating systems.
> this passcode-protected key material is encrypted to a Titan security chip on our datacenter floor. The Titan chip is configured to only release the backup decryption key when presented with a correct claim derived from the user's passcode. Because the Titan chip must authorize every access to the decryption key, it can permanently block access after too many incorrect attempts at guessing the user’s passcode, thus mitigating brute force attacks. The limited number of incorrect attempts is strictly enforced by a custom Titan firmware that cannot be updated without erasing the contents of the chip. By design, this means that no one (including Google) can access a user's backed-up application data without specifically knowing their passcode.