> Only by analyzing the apps can Apple enforce several policies
Or they could secure the runtime and quit giving developers dangerous entitlements in the first place. Make no mistake, Apple doesn't need the App Store to develop meaningful security for their users. The Mac is living proof.
Without those entitlements, they would get slammed for being anticompetitive by not allowing 3rd party devs the privilege of building the things they want to build on the platform.
Fine by me. If Apple can't develop safe APIs for themselves, they shouldn't be allowed an unfair advantage through unsafe channels. Secure the runtime, and everyone is happy and you're inherently better-defended against attackers.
The Apple Watch is more secure than an iPhone. I don't think anyone would use that as reasoning to justify the same security model on iOS or Mac though.
At some point, the diminishing returns of "muh security" do obviate positive and pro-consumer change.
Or they could secure the runtime and quit giving developers dangerous entitlements in the first place. Make no mistake, Apple doesn't need the App Store to develop meaningful security for their users. The Mac is living proof.