[beagle3]

That's fine and dandy - I'm all for it, in fact, I configure my systems thus with 3rd party tools as much as I can. Android is mostly like this (with a less than perfect implementation)

But when people talk of "walled gardens", they mostly refer to the guardian at the entrance. Only Apple decides what runs on iOS, only Microsoft decides whats in the App Shop. That's NOT good for anyone (except Apple and Microsoft).

Sure, make users jump through hoops to install alternate stores, and warn them up the wazoo when they do that. But do let them, or general purpose computing as we know it is gone.

[youdontknowtho]

Security professionals are almost completely unanimous about how effective Apple has been with it's "walled garden". I'm not even an Apple fan, but what they have done is pretty amazing from a security perspective. Like it or not it has worked to keep people safe from many many types of attacks.

[kijin]

Sandboxing and tighter security are orthogonal to app stores. The same security policy should apply to every app, regardless of whether it was installed through the official store or from another source.

What the grandparent is suggesting is akin to UAC, which received much hate when it first debuted in Vista but has now become a mostly accepted part of the Windows user experience. It has been done before, and it can be done again, with every Windows app, not just apps from the Microsoft Store.

[beagle3]

They are orthogonal in theory, but so far not in practice - all three appstores in common use (iOS, macOS, Android) have mandated sandboxing and security.

grandparent was suggesting UAC, but started with:

> You know what? I'm starting to get excited for the walled garden to get more walls.