The concept of "admin" is not a black and white concept, it's a spectrum.
Every iPad user is an "admin" of their device. Apple isn't stopping you from "administering" it.
There are limitations to the device but every device has limitations somewhere.
On that spectrum, the iPad is a much less limited device from a software and hardware standpoint than a lot of other devices, such as game consoles, point of sale terminals, medical devices, etc.
A lot of devices are intentionally designed with safety guardrails for very good reason.
For example, an inexperienced end user should not be able to freely reprogram the firmware on a robotics system used for surgery. A system like that is very intentionally shipped with guardrails that prevent the owner of the device from making dangerous modifications.
Other guardrails exist for other hardware where the end user is given some freedom but still kept from destroying the hardware or harming themselves. For example, your processor or graphics card won't let you fry the system by exceeding thermal limits, but they may still allow you to change settings like clock speeds and voltages. These limitations generally make sense and I would not really appreciate if AMD allowed me to accidentally fry my processor. A car infotainment system that allowed you to play videos or games while you drive or disable driver attention monitoring during self-driving would be grossly negligent.
I personally think the "everything should and must be open source" crowd takes a good concept way too far and essentially wants to dictate business models and approaches to safety and security.
I would support a more moderate approach that would force Apple to support more of a level playing field for things like alternative app stores, interoperability, and fair competition with alternative software, software/hardware end of support anti-e-waste regulations, but forcing them to divulge schematics and allow you to modify sensitive parts of the hardware like the secure enclave is not particularly beneficial. Just my opinion, though.
And finally, I’m firmly in the camp that I’m not going to tolerate a shitty solution just because it’s open source. No, I’m not going to use a $1000 Librem 11 tablet that’s at least 4x-12x slower than an iPad Pro that costs the same amount of money.
> For example, an inexperienced end user should not be able to freely reprogram the firmware on a robotics system used for surgery. A system like that is very intentionally shipped with guardrails that prevent the owner of the device from making dangerous modifications.
Comparing an iPad to a device that controls matters of life or death is almost as ridiculous as pretending these "guardrails" exist to serve the user.
The guardrails exist to prevent the user from exiting Apple's garden. It is there to protect a monopoly, not to protect the user.
Can you not pretend that my argument had zero nuance?
I specifically mentioned in my reply that Apple should be forced by consumer regulations to remove guardrails like disallowing competing app stores, and they should be forced to have more interoperability with competing standards and products (e.g., iMessage/FaceTime should be an open protocol where other vendors could make compatible communication apps).
But they shouldn't be forced to allow you to gain full root or dump the secure enclave's private keys.
ChromeOS allows you launch a Linux terminal app which runs a shell inside a VM. There are no "entitlement" limitations to what you can do in it, while the base system remains isolated. For example you can launch a MacOS vm with qemu.
Unfortunately if you give non-technical users root you are also giving root to the phishing site or fraudster that cons them into giving it root.
It's hard for technical people to get their heads around just what a hostile environment the modern scam and hustler riddled slop and spam infested Internet is. Using the net as a non-technical user is like walking around a dodgy high crime area of some third world city at night as an unarmed sixteen year old girl there on holiday.
Tech folks get so good at ignoring and skipping all that nonsense that they stop noticing it. I get three or four phishing or scam attempts a week, some of which look convincing if you don't know how to examine an e-mail domain or a URL. It's a hellscape.
An exercise for readers who don't believe me: get on a Windows machine and try to use regular web search to find and download a piece of software outside the App Store. Pretend you are non-technical and just looking for something to get something done. Be sure you do this from a VM you can delete after it becomes compromised, assuming you can actually get to a download at all behind all the popups and scam "your PC is infected!" sites.
Most techies not only know many, many people who aren't technical, they are also the ones who are called on when their family and friends get suckered. It is not ignorance that makes technical people think that everyone should be able to get root access to the things they "own," it is experience.
This is so much "you support free speech because you're a good person, but if you heard what some people say..."
> An exercise for readers who don't believe me
With the number of actual Windows installations I, and other technical people, have cleaned the slime off of, this isn't persuasive. People who use Linux generally aren't ignorant of Windows, although some extreme Apple partisans might be.
But they should be able to take it to someone else who can use root access to fix it
The idea that a person should not have any access to be an admin of a physical device that they own is ridiculous
They might not need it, they might not ever use it, but they should absolutely be able to if a situation calls for it