When I read the title, I was thinking the article would discuss how everyone uses and interacts with it through centralized services;. This is true as both a user (etherscan.io, opensea.io) or a developer (infura.io).

I agree with Nate's comment that ethereum contracts are indeed public and immutable. Whether an individual chooses to sync a node, inspect the code and understand what functions are public and which can be run only by the contract owner to modify state, it is up to them.

It's similar to password management. I find a lot of people discussing the important of privacy and security on the internet, only to find out that they don't use a password manager and reuse the same memorable password everywhere.