To claim a significant OS change is FUD shows a clear lack of understanding and forcing the EU change for their needs rather than the needs of the users who were happy to live in a walled garden and knowingly bought products with those limits.
To claim it is a significant change (with regards to security) with regards to
new code introducing exploitable loopholes is FUD.
Again:
- Allowing third-party app stores
- Allowing third-party apps downloaded ("sideloaded") from a website to install and run
...
required no change of program code to iOS whatsoever.
It's been all possible for many years.
There was no "forced" code change to allow these things.
Did Apple change code? Yes - though they did not
have to.
They changed code to
restrict third-party app stores. And elicit FUD in end users.
Changing a secure method that has been used for 16 code iterations and changing the core philosophy to allow external stores comes with risks.
There is no such change of "core philosophy" (with regards to security and particularly the code of iOS).
Allowing third-party apps to be sold by third-party - while still reviewing any of them does not change core philosophy.
Core philosophy is allowing third-party apps or not. Maybe even allowing third-party apps without review/notarisation vs. notarisation. Given that Apple has allowed third-party apps and will still review and notaries any apps (including alternative app store apps), there is no such change. Apple has allowed third-party apps containing
third-party code to run natively since more than 15 years. They've also allowed third-party apps be trusted and running that
were never reviewed by Apple for more than 10 years. It's only a change in regards to the commercial party you're dealing with. Not a change that's security-relevant in what code is allowed to run on devices.
Your
earlier claim above about new (potentially exploitable) code needing to be introduced...
iOS with major changes to accommodate the EU alt app stores. This change is code that sits on everyone’s phone regardless of region or activation. It makes one extra loophole that could be exploited by bad agent code.
All those who say “don’t run it” don’t get the change is everywhere.
...is just wrong and disingenuous. And so is your claim about "core philosophy". The core security paradigm hasn't changed.
I'm not going to deny that allowing and using third-party app stores poses some (new) risks.
Could an alternative app store provider „go rogue“ and approve apps that they know aren’t allowed by Apple? Yes, conceivably. Is that a new or additional risk? Sure. But that‘s just increased probability - not a fundamental change.
👉 If you don't like it, don't use it. And using a Mac certainly indicates that the risk is manageable.