Having grown up through ad-bars, Windows malware, email worms and everything else that could go wrong for most people during the late 90s on and not wanting to do IT for my entire extended family, I don’t mind having a popular platform with guardrails. Unfortunately, I think providing non-curated access and opening up platform features that are currently gated by security features to unscrupulous actors will make things worse for more people than it will help. After over 15 years of iPhone use, I’ve never had any of the problems that plague PCs and I attribute a lot of that to a restrictive app distribution model, sandboxing, etc.
End users can (and do!) use apps not approved by Apple on mobile devices every day. They just do it on something that’s not an iPhone (or have the capability to jailbreak their iPhone and know what they’re getting themselves into). Corps and devs can also run custom software without Apple approval. I’m personally fine with that delineation and I’d much rather have stronger GDPR-like and property laws.
Some good points overall, and I think I agree in a lot of ways, actually.
> (or have the capability to jailbreak their iPhone and know what they’re getting themselves into)
It is a common misconception that people can "just" jailbreak their iPhone if they're not happy with the walled garden. This requires someone finding a critical-impact zero day vulnerability in iOS, quite literally worth around half a million dollars [1]. Apple is hard at work as we speak trying their hardest to prevent those from slipping in -- and that is a good thing, in general. It's not currently possible to jailbreak any up-to-date iOS device.
I'm all for sandboxing and other iOS security features; I'm not proposing that we get rid of any of that. Sideloaded apps would presumably still be fully sandboxed, and would still only be able to access sensitive data with explicit user consent. This is very different than the situation on Windows, where in 2025 you can still double click an .exe and instantly have all of your passwords and credit cards stolen (not an exaggeration; this literally happens).
I'm also not against the idea of making it difficult enough to enable sideloading so as to make social engineering attacks against grandma effectively impossible. This is what Chromebooks are doing; nerds get root, but grandma doesn't.
However, the DMA is more concerned with delivering alternative apps to everyone than it is concerned with empowering techies. So I can see why you might not support it even if you want to have a little more control over your phone, as a techie.
End users can (and do!) use apps not approved by Apple on mobile devices every day. They just do it on something that’s not an iPhone (or have the capability to jailbreak their iPhone and know what they’re getting themselves into). Corps and devs can also run custom software without Apple approval. I’m personally fine with that delineation and I’d much rather have stronger GDPR-like and property laws.