It's a good thing to be able to have a device where you can choose to install applications outside of a tightly controlled single broker's delivery channel (and obviously be responsible for checking these apps are not malware). That's why I like Android's f-droid and how, unlike all the other fancy delivery channels, it doesn't conveniently hide the license chosen by the software author(s) under some euphemism but actually spells it out clearly (MIT, GPLv2, GPLv3+, Apache2, AGPL, etc) and provides a link to the source and the upstream project website.
Hopefully with the work going on in DEP5 and Appstream, there will be good alternatives to the "we-hold-full-control appstores".