There are certainly a lot of issues with the app store model. But using a service like download.com was also rife with issues.
Anyone who argues that all users must be herded into a walled garden in the name of security and alternatives are not acceptable is essentially advocating a digital nanny state.
That is the herpes of the Linux world. That is one of the worse things that someone can suggest to install something.
Is it a bad idea? Maybe, especially if you're not technically versed. Does that mean we should take everyone's freedom to make their own choices. "because we know what's best for you"? I don't think so.
I believe that most non-technical users are self-aware enough that they stick to curated app-stores of their own volition.
They didn't, though; they just muddled through and asked their friends or some tech support service to reinstall Windows occasionally, when the viruses, adware and other crap made the computer too slow, or when the ramsomware encrypted all their files.
a) Educate users and give them more knowledge and better tools to easily protect themselves
b) Have app-stores organized in such a way that user interests and legitimate security concerns are not conflated with commercial interests of the platform owners as it's currently the case. Either treat app stores as a public utility with rights and regulations or require all devices to support competing stores.
Google Play is full of crap, Apple's app store has plenty of low value apps, the Windows 10 App store sucks, etc, etc, etc.
They've improved user security, but the amount of garbage to sift through is terrible.
And companies, individuals, non-profits, and others are all allowed to run their own repos, or mirror these.
Similar approaches to the apple app store vs. android store... up front binary check from apple vs. a permissive store with user reports being the primary thing that pulls apps from circulation.
From my POV, it's like complaining that the seat belt left a bruise after an automotive collision; IOW, missing the bigger picture. I can sort my own garbage, thanks (and that's not to say that you're not right about the quality in app stores). It's easy, and if I screw it up then I've just got a garbage binary taking up space that is otherwise harmless.
But what I grow increasingly tired of is wondering if bad actors have found new ways to make my life difficult before I install that random app. Download from an app store, the app might be garbage, but at least I can be confident that it won't trash my machine. Servers, my dev machine? Sure, I'm willing to put up with a little more rigamorole for more control, etc. But my phone? I don't want to put up with that crap, vetting everything binary that goes on the box. I just want to tap and download, and if the quality of the app sucks, then fixing that is a long-press away.
That second problem remains unsolved (crap apps blasted into the stores just to show ads fit my definition of abusive advertising).
Also, still the best implementation.