I think they're referring to disabling system integrity protection, which I've admittedly had to do for some specialized use cases that I can't remember.
SIP is similar to an enhanced secure boot. It's not (at least not primarily) for DRM.
He might be talking about a Gatekeeper override which is available by digging into the system settings? This allows you to run insecure resigned software (like pirated software is a common use case, honestly). But you only have to do this once, it isn't some constant headache.
I'm not sure what exactly he's referencing, actually. But it can almost all be disabled on macOS (the same is not true of iOS).
I've been using a Mac since 2012 for all manner of work and personal use cases. I haven't needed to disable SIP to do anything in quite a long time. I used to need to do this to install kernel extensions for audio, but this is no longer required for systems that support AudioKit.
Basically, I don't see any impediments to doing anything I need to do with SIP enabled at this point. I'm not sure what GP thinks the impediment is.
Regardless you still had to do it. Anyone that doesn’t do it is in a restricted use case for the machine. That’s my point which I made clear in my original comment. Disabling it allows you to use the machine outside of restriction. Fancy that!
I only had to do it years ago. I have a new M5 Max MBP and it has never had SIP disabled, neither did my M1 Max MBP I replaced. That's at least 4-5 years where it's been unnecessary. Never needed it on Apple Silicon devices, although I don't think the SoC arch is related to why.
He might be talking about a Gatekeeper override which is available by digging into the system settings? This allows you to run insecure resigned software (like pirated software is a common use case, honestly). But you only have to do this once, it isn't some constant headache.
I'm not sure what exactly he's referencing, actually. But it can almost all be disabled on macOS (the same is not true of iOS).