Sadly, this may apply to most people, at least until offline key storage is the norm. Too many people are prone to surfing the internet insecurely and downloading files on the same PC their wallets are on. When I tell people IRL they should have a dedicated offline device or hardware wallet, they look at me like I'm crazy. Most newbies aren't properly securing their wallets, and I honestly wonder sometimes how many ever will.
In a sense, Paypal/Paxos should be more secure than a typical exchange as well since they don't process customer withdrawals. That drastically cuts down on the frequency that private keys are handled and removes the need to ever use hot wallets.
This can be really bad for the future of Bitcoin. In 2017 Bitcoin community defended itself from the SegWit2x attack by clearly signalling that the users won't recognize the fork as new Bitcoin. But if in the future majority of Bitcoin users will only own custodial Bitcoin and won't know anything about the technicals of Bitcoin, it would be easy to hard-fork the network if miners will be onboard.
I have some hope that offline key storage will become more commonplace among regular users. We need better and cheaper hardware wallets, and we need better offline solutions from wallet developers. At this point, I think Electrum is the only desktop wallet with an intuitive offline wallet UI. That's pretty disappointing, but it's not a permanent limitation. Wallet UX in general is still holding Bitcoin back. This stuff takes time.
I'm not overly concerned about the political stuff. I think there is a very strong contingent of Bitcoin holders and users who will continue running full nodes, and I also think a contentious hard fork will only become increasingly difficult to pull off as years go by, as stakeholders become increasingly entrenched.