I wrote that with binaries in mind. Yes, I, like you, have installed plenty of sw via `./configure && ...`. You did check the md5sums and their GPG signatures, didn't you? ;)
BTW, many non-developer will always be bound to what their distro provide them with. I am OK with that, as long as I can override all these security restrictions whenever I want and for whatever reason.
I think that Chromebook-like operating systems could provide an interesting middle-ground. By default the system is locked down and only Google can update the software. At the same time you can unlock the bootloader whenever you want and install your own things if you want to escape the walled garden.
BTW, many non-developer will always be bound to what their distro provide them with. I am OK with that, as long as I can override all these security restrictions whenever I want and for whatever reason.
I think that Chromebook-like operating systems could provide an interesting middle-ground. By default the system is locked down and only Google can update the software. At the same time you can unlock the bootloader whenever you want and install your own things if you want to escape the walled garden.