I've no doubt the authors of Carrier IQ would say its keylogger had nothing to do with crapware, merely being a flawed implementation of "measuring operational information in Android devices", the end effect is the same.
The Windows kernel is touched by anyone who ever writes a driver for it, in other words every vendor shipping a Windows 8 tablet or phone today, or historically for any vendors that shipped Windows CE devices (which was the market I was comparing to, but it's also been true on desktops for all history).
The customization referred to is where carriers or hardware vendors takes white label software (Android, Windows CE, Windows 8), adds their own juice in the form of spyware, drivers, preinstalled apps, clicks a button and out pops something that gets flashed to devices.
My comment was comparing security properties of customization processes of the two operating systems, not making any argument (which would require claims to disputed facts – I don't believe I made any).
The Windows kernel is touched by anyone who ever writes a driver for it, in other words every vendor shipping a Windows 8 tablet or phone today, or historically for any vendors that shipped Windows CE devices (which was the market I was comparing to, but it's also been true on desktops for all history).
The customization referred to is where carriers or hardware vendors takes white label software (Android, Windows CE, Windows 8), adds their own juice in the form of spyware, drivers, preinstalled apps, clicks a button and out pops something that gets flashed to devices.