An average Joe that wants self-custody today will generate a seed phrase on an air-gapped device, so they will be in a more secure setup than what Luke had.
I am afraid you are overstimating the capabilities of the average Joe. Not because generating a seed on an air gapped device is difficult "
per se", but because the average Joe is lazy as fuck.
^ I was going to post this but you beat me to it.
But there's also an ugly truth, that unless you possess relevant skills yourself, there's always some trust involved. For hardware wallets - you have to trust that manufacturers are competent and that they have not put anything malicious there. For offline generated wallets, you have to trust that address generating software is legit and that address is truly random and nor generated according to some easy-to-replicate pattern etc.
"Freedom ain't free" I guess.