Being able to run arbitrary code on iOS means that all of the other, presently secondary platform security protections (such as sandboxing) now become the first line of defense.
That is not something they were designed to do, and I doubt they would hold up. They're just one piece of the puzzle, and were put in place with the expectation that they would always be behind the App Store automated static analysis steps.
The other issues are push and entitlements. Should every app now maintain its own separate push connection to that app's own servers, or are they expected to get APNS certs from Apple?
How about feature entitlements? Should competing app store apps be notarized by Apple via developer ID, or should running anything, able to access anything (such as installing covert spyware that installs a systemwide spying VPN) be allowed?
There are probably more I haven't even thought of, yet. Maybe "free" apps that you pay for by letting it use your iCloud storage and bandwidth to put you in some giant replicated storage botnet? There are probably all sorts of avenues for abuse of bundled cloud services that open up when Apple can't reject abusive apps that users would otherwise voluntarily install.
That is not something they were designed to do, and I doubt they would hold up. They're just one piece of the puzzle, and were put in place with the expectation that they would always be behind the App Store automated static analysis steps.
The other issues are push and entitlements. Should every app now maintain its own separate push connection to that app's own servers, or are they expected to get APNS certs from Apple?
How about feature entitlements? Should competing app store apps be notarized by Apple via developer ID, or should running anything, able to access anything (such as installing covert spyware that installs a systemwide spying VPN) be allowed?
There are probably more I haven't even thought of, yet. Maybe "free" apps that you pay for by letting it use your iCloud storage and bandwidth to put you in some giant replicated storage botnet? There are probably all sorts of avenues for abuse of bundled cloud services that open up when Apple can't reject abusive apps that users would otherwise voluntarily install.