Per the article, Apple does do attestation. By default attestation is off unless you have enterprise management turned on.

But the existence of attestation means Apple could at any time in the future make attestation on by default and suddenly our devices control our secrets more than we do.

No, Apple can't suddenly start doing attestation in the future by default because that would instantly kill all the passkeys that have already been created on Apple devices without attestation. It would be as if a home security company went around and changed all the locks they had installed on their customers' front doors. It would be instant suicide as a trusted vendor.

Isn’t that just like people said in 2008 now that therd is a Mac App Store “any day now” that will be the only way to get apps on the Mac?