The general public part of the problem can be solved by offering an alternative Android-based distribution which can be installed by 'the general public' in a way similar to that which they install updates to the stock OS. For some devices this process is already available, for others there is more work to be done.
Project Treble[0] only enforces a certain level of hardware requirements.
There are zero requirements for OEMs or carriers to actually push updates to their devices, and they are still allowed to customize their forks. [1]
Also it requires consumers to buy a new device running Android O, hoping that the OEM will actually push updates, because even those getting an update from Android N to O won't have any guarantees of further updates.
I don't count on OEMs in any way. However, if my understanding is correct, Treble should make it far easier to install an aftermarket ROM on a Treble-compatible device.
When I shop for my next phone, "Treble-compatible" will be the top requirement.
There are alternatives to unlocking the bootloader. My current device (a 2011 Motorola Defy) can not be unlocked yet still I'm running it with Android 4.4.4 on a custom kernel. The trick here was to subvert the update process, other ways exist to do the same.
Of course as I geek I can do all of that, but I rather sponsor someone that cares about the joe and jane on the street can do with their devices.