It's important to separate the technology and the policy. Technology that helps me to protect my system and my data from apps I don't trust is good. If the policy says that it's used to protect apps and data from me, because the upstream suppliers don't trust me, then it's a problem.