The permission and security systems will be circumvented by malware authors and unscrupulous developers, just like they are on macOS. Given the enormous amount of personal information on our mobile devices, this represents a particularly concerning potential regression in end user privacy and security.
Like on Windows, macOS and Android it’ll be crucial for users to avoid installing executables from the web. and like Android, users also have to be trained to only install apps from ethical software repositories that respect user privacy and security. This is the best case scenario for privacy/security, and essentially the status quo for Android.
For better or for worse, the days of iOS users installing any and all available applications without worrying about malware is over. Users will get more freedom, but they’ll have to take more responsibility when vetting and running third party apps. I don’t know how a notoriously novice user base will react to that, but we shall see.
Mac OS, like all traditional desktop operating systems, gives almost all permissions to every process running as the user. This is a very difficult environment to defend!
It's also very different from how iOS and Android heavily restrict what each app can do, hiding most things you might want to do behind permissions. Installing an app is not quite as safe as visiting a web page, but it's very nearly so if you don't agree to any permissions requests.
The most common way for malware to abuse the permissions system is to ask for permissions to do something plausible, or even implausible, and then abuse those permissions to do other things that the user wasn't expecting. For example, a speed dialer might ask for permission to read your contacts, which is quite reasonable for a speed dialer, but then exfiltrate and sell them.
Like on Windows, macOS and Android it’ll be crucial for users to avoid installing executables from the web. and like Android, users also have to be trained to only install apps from ethical software repositories that respect user privacy and security. This is the best case scenario for privacy/security, and essentially the status quo for Android.
For better or for worse, the days of iOS users installing any and all available applications without worrying about malware is over. Users will get more freedom, but they’ll have to take more responsibility when vetting and running third party apps. I don’t know how a notoriously novice user base will react to that, but we shall see.