Every iPhone ships with a chain of trust that starts with Apple’s root certificate, not yours. The kernel you run, the OS you update, the apps you install — all gatekept through keys Apple holds. This is sold as security, but security means nothing if only one party controls the locks. Android has its own chain of Google-verified boot, which is the same architecture with worse transparency. Both platforms decided that your device belongs to whoever signed the firmware. Free software means you can audit, modify, and share what runs on your machine. That requires unlocked boot chains, not just open-source kernels running inside a proprietary trap. Why should the device you bought be the only one you don’t control?
The real answer to your question is that the vast majority of people don’t have the time, inclination or skills to manage it themselves.
The techy answer is that unless you are writing or reviewing every line of the firmware/OS yourself, and also securing them with certificates you’ve self signed with hardware/software that you’ve already reviewed or written yourself, you’re still trusting something to a third party.
Also your statement here is pretty backwards to me:
This is sold as security, but security means nothing if only one party controls the locks.
You may not trust Apple or whomever, but a lock with only one key holder is definitely more secure than a lock with many. Maybe just the wrong metaphor?
Ultimately, I think the real point is that Apple is a commercial entity driven by a profit motive, so will act in its own interest to that end. It never stated that iPhone was a device where you could roll your own secure boot or change firmware or whatever - it sold a mass market product to mass market consumers who largely don’t care about any of this stuff. In this regard at least, Apple’s secure boot is more secure than nothing.
I do, however, agree that you can’t necessarily trust this particular gatekeeper, so buyer beware.
I mean it without a doubt is security its just at the cost of freedom. The users are paying apple to handle the security side instead of doing it themselves.
I ain’t buying a device I can’t get root on. But I don’t expect others to do the same especially when we live in such a hostile time. There is malicious software everywhere.
