Apple fans would always claim that this was a security measure to prevent malware. I have always found the claim dubious.
If you believe in that as a security measure, you could still have a signing requirement and Apple could revoke trust on known-bad binaries. Which is probably what they will do.
Mind giving some high level clarification on how Apple would revoke entitlements on applications they’re not allowed to manage? Honestly curious about the infrastructure involved, is it really simple from a technological standpoint?
If the developer needs to use Apple resources to track and manage said entitlements, and the consumer expects Apple to police bad actors, then are we asking Apple to do this for free on the bad actor’s behalf (oops, I didn’t mean to use your microphone, GPS, BLE in order to sell the info to an enemy state, law enforcement, angry ex!) or should the cost of said infrastructure be passed to the customer when purchasing hardware? OR does Apple wait until an application is exposed, generally through an echo chamber after the damage is done and is made aware of the issue?
I thought they already do this with notarized binaries on macOS. Conceptually it's no different from certificate revocation. The platform can phone home periodically to discover binaries for which notarization has been revoked.
You may be correct? Then the assumption would be developers need to pay the $99 fee to be part of the Apple dev program (pretty sure that’s the only way to get notarized). Next step in Apple’s playbook might be upping that fee for third party stores?