First, because in a corporate environment with a legitimate SSL proxy you want a new install to Just Work.

Second, because no mechanism is immune to manufacturer tampering.

Both Chrome and Firefox ignore pinning errors when it's signed with a local root.

You can't be more secure than the OS you're running on.