There might be technical reasons why browser extensions are particularly problematic and it might make sense to phase them out in their current form, so, to be clear, that's not what I'm getting hung up on. But there seems to be a broader acceptance of Apple's vision for a nice walled garden where users are safe from everything, especially themselves, and criticisms of this are just "bitching" from people who need to see the bigger picture. I'm sorry but I don't accept that.
Mobile is the primary user environment for a whole generation of kids and millions of people coming online in developing countries around the world. What we're bequeathing them is worse than anything in early-2000s Slashdot's worst paranoid nightmares. Billions of iPhones only load OS images signed by Apple and jailbreaks are aggressively patched as urgent security issues, guaranteeing vendor lock-in. Third-party code is too dangerous so users have to get it from a vendor-controlled app store and sideloading is forbidden for security reasons. You can't have browser extensions because they can see too much, so now you have to hope that Apple implements an API for whatever you were trying to do. There's a weird double standard where the tech literati are fine with things on mobile that they would never accept on their desktop. I guess it's because we have the luxury of putting our phones away and retreating to our "real computers" to scratch our tinkering itch. Not everyone has that privilege, or inclination. If the freedom to tinker means anything to you then mobile shouldn't be an exception.
I don't think the walled garden is even necessarily good for the ill-informed or careless users we're trying to protect. Checking out the "Advanced" mode is how users learn. While it may be dangerous for a casual user to be able to run a command or make a tweak they found recommended on some website, it also can be incredibly helpful - software doesn't always work correctly or the way that you want it to, and there's not always a nice button that does exactly what you need. And there's a real danger of the browser and the other public API surfaces calcifying to only permit what Apple thinks about ahead of time, smothering innovation that could have genuinely benefited users. Imagine if computers followed this philosophy from the beginning. I doubt users would enjoy an app store where user input (text only, of course) is sent securely into the app's stdin and output is text fed securely from the app's stdout to the screen, with no interference permitted by potentially insecure code attempting to provide things like scrollback because it could see all of the user's activity.
So yes, protecting users from the worst malware can be a thing but it's not as obvious as you make it sound that this should necessarily entail removing agency from the user. By aiming for the lowest common denominator user, Apple is depriving everyone else of real advantages. And, I would argue, producing a sterile and stilted experience that's best for no-one.
Mobile is the primary user environment for a whole generation of kids and millions of people coming online in developing countries around the world. What we're bequeathing them is worse than anything in early-2000s Slashdot's worst paranoid nightmares. Billions of iPhones only load OS images signed by Apple and jailbreaks are aggressively patched as urgent security issues, guaranteeing vendor lock-in. Third-party code is too dangerous so users have to get it from a vendor-controlled app store and sideloading is forbidden for security reasons. You can't have browser extensions because they can see too much, so now you have to hope that Apple implements an API for whatever you were trying to do. There's a weird double standard where the tech literati are fine with things on mobile that they would never accept on their desktop. I guess it's because we have the luxury of putting our phones away and retreating to our "real computers" to scratch our tinkering itch. Not everyone has that privilege, or inclination. If the freedom to tinker means anything to you then mobile shouldn't be an exception.
I don't think the walled garden is even necessarily good for the ill-informed or careless users we're trying to protect. Checking out the "Advanced" mode is how users learn. While it may be dangerous for a casual user to be able to run a command or make a tweak they found recommended on some website, it also can be incredibly helpful - software doesn't always work correctly or the way that you want it to, and there's not always a nice button that does exactly what you need. And there's a real danger of the browser and the other public API surfaces calcifying to only permit what Apple thinks about ahead of time, smothering innovation that could have genuinely benefited users. Imagine if computers followed this philosophy from the beginning. I doubt users would enjoy an app store where user input (text only, of course) is sent securely into the app's stdin and output is text fed securely from the app's stdout to the screen, with no interference permitted by potentially insecure code attempting to provide things like scrollback because it could see all of the user's activity.
So yes, protecting users from the worst malware can be a thing but it's not as obvious as you make it sound that this should necessarily entail removing agency from the user. By aiming for the lowest common denominator user, Apple is depriving everyone else of real advantages. And, I would argue, producing a sterile and stilted experience that's best for no-one.