Could start by installing Java, let's see, oracle.com, click, ah, what's this? It's installing the Yahoo! browser toolbar by default??!!!
Yeah. Curated.
And even if you do manage to get a curated software store without lockdown that has a business model, it's not clear to me how you solve the problem of people sharing passwords with sketchy family members and friends who then install hidden software that secretly, behind their back, stalks them without so much as an informational prompt or opt-in.
No, I think there are good reasons for having devices somewhat locked down, especially when it's being done for the sake of the end user.
Ubuntu, Debian, Fedora, Arch; many Linux distributions provide excellent curated software repositories that just work for general purpose software. Have done so for well over a decade. All without locking the user out of his own computer.
And of course Steam, GoG, and the HumbleStore provide curated repositories for proprietary games on many platforms.
Linux official distro package repositories. Free open source software has had currated software repositories for many years and since hosting is quite cheap not much of a "business" model is required.
Don't want to deal with the official repository you can easily host your own and provide a package that adds your own repo and serves the latest and greatest version of your software. Want a solution that targets multiple distros and bundles deps there is no snappy.
Preventing untrusted users from installing software is also a solved problem. Require the root password or simply don't let them use sudo.
If you give morons and bad people physical access your machine AND permission to install software it seems to me that you have put you in a bad place where no amount of lockdown can render you safe.
Rather than make the futile effort to render your situation tenable when we know it wont how about we continue to improve actually feasible use cases?
> sharing passwords with sketchy family members and friends who then install hidden software
I guess that's a fair use case for locking down the OS.
But when it comes to various sites giving you bad software, how is locking the device and not giving the user control supposed to help? Any security measures like sandboxing could exist on a device without taking control from the user. And while installing zero programs is pretty secure, the user could make that choice without a lockdown.
> So, which curated software store/repo do you prefer?
Ninite is quite good. Other comments already pointed out various linux repos that do a very good job. Also look at the iOS store for something that has pretty aggressive quality control, even if the rules aren't perfect. (While iOS is locked down, the store would work the same if it wasn't.)
You sound like you've been living under a rock for twenty years! Choose pretty much any Linux distribution and you'll get an excellent package manager that plugs into curated lists of software, AKA repositories.
http://download.com? Now owned by CNET, and full of sketchiness.
Or maybe you like http://freeware.com? Oh, snap, it's down and parked by a squatter now.
Or maybe an open source site? How about https://sourceforge.net? How'd that work out?
Could start by installing Java, let's see, oracle.com, click, ah, what's this? It's installing the Yahoo! browser toolbar by default??!!!
Yeah. Curated.
And even if you do manage to get a curated software store without lockdown that has a business model, it's not clear to me how you solve the problem of people sharing passwords with sketchy family members and friends who then install hidden software that secretly, behind their back, stalks them without so much as an informational prompt or opt-in.
No, I think there are good reasons for having devices somewhat locked down, especially when it's being done for the sake of the end user.