> The security in iOS is tied to the sandboxing model - not the app store.
I disagree. Sandboxing is designed to prevent your phone from being compromised but it doesn't prevent bad actors from using legitimate APIs in malicious ways.
As an example, the App Store review guidelines enforce certain privacy restrictions such as not allowing third-party analytics or advertising in apps designed for children. This is not something that is intended to be enforced via sandboxing.
Edit: As another example, consider an app that might request access to your contacts for a legitimate purpose (like messaging), but then secretly transmits and stores that data for an alternative purpose (like selling your contacts to third parties). Also possible within the sandbox but forbidden by the review guidelines. Now, I'm not saying the review process is going to catch all abuses of legitimate APIs ahead of time, but at least there is an enforcement mechanism if the bad actor gets caught.
That's all right and all fine. It's my user choice to install any crappy third-party app store on the hardware I bought. I would like to not be protected. The same on Windows: I'm warned that executing an unknown program is a risk for me and if I don't know what I'm doing, then I should not do it. That is perfectly fine. Small fences with warning signs instead of 10-meter walls.
User choice works the other direction as well: that consumers can choose to knowingly purchase a device that is locked down, for reasons of safety, trust, experience, etc.
I happen to broadly favor anti-trust intervention against Apple in this instance; but it's not as though Apple ever deceived users about what their devices can and can't do. They sell appliances, not "computers". Freedom (arguably) includes the freedom to take one's own freedoms away, at least up to a point.
I agree with this. I pay for the experience Apple delivers. I don’t want an open mobile device, or a free (as in software) mobile device. It’s my hardware but I agree that Apple dictates the terms and delegate to them the authority necessary. I want a curated experience and pay a premium for it, after tolerating the rough edges of Android for years.
I’m generally fine with the general lockdown on iOS, but at the same time there really are only two smartphone players. It’s either the free-for-all Android or the rigid-reviewed apps on iOS. Given the market realities having at least the ability to side load apps should be allowed. Apple can still offer their curated experience, but I should also be able to add my own open source (or whatever) App Store without Apple’s blessing. Just because I generally like Apple’s approach on the App Store doesn’t mean I shouldn’t be able to “mod” my own hardware. It’s like if I buy a BMW because I like their quality, integration and security that’s fine, but I still want to be able to replace the stereo if I choose. Actually I think it’s my right since I own the hardware, no? Or better, if I install a Sirius XM radio in my car why in the world should Sirius be forced to pay BMW for that “privilege”? If they want to integrate into their pre-made BMW stereo system sure, but I want to be able to replace that with my own stereo.
The problem with such a "soft" system as opposed to a hard sandbox is that rules may change after you purchased the phone and rules get applied inconsistently. Both happen regularly.