For personally purchased Chromebooks, you are partially correct. You can set up a Linux sandbox on a Chromebook or you can run sandboxed Android applications from Google Play. You can even side load Android applications via "developer mode" or the Linux sandbox.

For managed Chromebooks, you are incorrect. They are usually configured so that the end-user cannot install additional software, enable developer mode, or set up the Linux sandbox, making them often less useful than Apple iOS or iPadOS devices.

The GGP comment said we should ban PCs [because they're too dangerous for most people to use]. And with Chromebooks or thin clients with virtual desktops, that is exactly what a lot of organizations have done.

None of which you addressed in your knee-jerk response that is about as coherent as "M$" was back in the day (and I did my share of that when I was young and stupid).

Then don't buy Apple hardware. There are those of us who find Apple's walled garden approach preferable to having to (1) tweak everything all the time because we can't get audio working or (2) we have to run three different competing antivirus scanners that make our 2024 computer run like it was made in 1983 or (3) be stuck in Google's walled garden where even if you pay, you are still the product.

Does Apple need to change things? Yes. But I — and I know that I’m not alone on this — happen to agree with Apple that the DMA changes requested will reduce overall security for customers. There may be worthwhile changes that happen because of the DMA, but the reduced security position is real.