UWP apps can't be run outside of the MS store. So that's the lock-in he was talking about. It would be nice if Microsoft enabled "mini-VMs" for legacy x86 apps at least.

That way it could shoot two birds with one stone - make x86 apps a little slower and more resource intensive, and thus give both users and developers a reason to switch to UWP, while at the same time it would also make legacy x86 apps vastly more secure.

I think you can sideload them since 1607 (or even 1511?), there's a developer switch in new Control panel for that.

Windows 10 allows you to turn on sideloading. Going through the Windows Store is no longer a requirement.

but then again, how is that different from android of today?