> The question is, whom do you trust, and who bears the greatest consequence of failure?

I'm going to trust uBlock Origin because it is free open source software and I can see everything they are doing with my data. Apple on the other hand forbids reverse engineering safari (trying to understand what it does and how it works).

Once you're a part of the apple eco-system apple could theoretically (and to be clear we're talking about purely theoretical privacy risks in all cases) access your browsing history and also tie that directly to your name, address, credit card/bank account, GPS coordinates, etc.

Putting your privacy in the hands of a company that has so much of your data already is naturally more risky than compartmentalizing. If hackers somehow compromise my browser extension they get access to my browsing history on one device until I notice and correct the problem. If a hacker somehow compromises Apple they could get access to much much more. For all their care and resources Apple is not immune from attacks either. Safari has had a ton of vulnerabilities exposed just this year so far.

It's not uBlock Origin they're concerned about, though - it's all the other random extensions out there that could use the same capabilities for evil instead of good.

Ultimately the freedom to decide what code a person runs on their own hardware has to be left up to the user. The users who install every random extension they see are the same ones who download every app and click on every link in the spam they get. You can't protect users from themselves, but you can empower them to better protect themselves.

Downloading a sketchy browser extension takes deliberate action on the part of the user. Just loading CNN.com can (and has) caused computers to become infected automatically because of ads. Limiting the ability to block ads is not protecting anyone.

That argument was lost 11 years ago when the iPhone came out, and yet, people still can't get enough of them.