Their approach is not decent. There should be some kind of master key to get full admin access. Leaving al the keys in the hand of a mega corporation is asking for trouble.

It's gone so far that even tech people now think that having root access to a mobile device is somehow scary. Well guess what that root access is still there for the manufacturer. It needs it for stuff like updates. It just shields you from having any kind of input or visibility on what is going on.

And once you've given up your admin control to the mega corporation, your government is going to be next. They'll be demanding backdoors and regulatory bullshit like age verification and snooping backdoors. Even today the EU launched yet another chatcontrol proposal. Eventually they'll manage to get it through when they've paid off enough representatives.

Keeping full control is the only way to prevent this.

you really underestimate the will of people to not change anything that annoys them about their OS. they will click 1 million times a popup away before even considering that it could be resolved indefinitely by an option change. i think Apple's system works well to keep the average user safe.

I agree with you, but then to me this is a great reason why macOS (and Apple products in general) just aren't made for me. And that's ok, that's the beauty of diversity.

> If there was a way to disable this, first thing that the grandma would do is watch a video how to disable that and lose security from then on.

My grandma absolutely would not watch and follow a video on how to e.g. disable Gatekeeper, nor do I think she’d be able to if she tried.

Your grandma sounds substantially more tech savvy than my grandma. Good for her, she seems to know what she wants. Grown adults should be allowed to knowingly opt into an additional level of risk.

Could make it disable-able only from the terminal in recovery mode. That one would be too hard / bothersome to fend off most cases I feel like