Passkeys are incompatible with open-source software
Doesn’t the post conclude the opposite however, that you can in fact manage your own passkeys outside of any “big tech”?
I think one important detail the author missed is that passkeys are in most cases not a sensible replacement for a password. They can act as a convenient semi-permanent replacement or second factor, but you will always need a mechanism should the passkey or device be lost, which will be a traditional password or account recovery.
If parties do not trust your particular passkey provider / system then you lose that convenience, but the spec does need some way to handle obviously flawed or broken client implementations. If all your passkeys are hanging out in plain text without a pin/biometric/other key gating their access, they are all compromised and should be rejected.
> Doesn’t the post conclude the opposite however, that you can in fact manage your own passkeys outside of any “big tech”?
I don't know how you missed the whole first section… If the provider can force you into device/software attestation then that indeed means that you can NOT use your own passkey management system without having to worry about being locked out.
> If all your passkeys are hanging out in plain text without a pin/biometric/other key gating their access, they are all compromised and should be rejected.
No, that's actually not an issue at all if your device is secure and uses full disk encryption. And if your device isn't secure then any additional security measures like password managers are ineffective anyways. If I want to write down my private key on a piece of paper and type it in by hand then that's my issue to deal with and not theirs.