It's a very sensible default for people who can't be trusted to not click on banners telling them to download a "FREE CAT SCREENSAVER", thus the universal adoption. And it doesn't hinder anything like software development at all, since programs you compile yourself aren't marked as tainted. (And you can just pop open a Terminal and drop the taint xattr from any file.)
Nevertheless, in all cases, in all these OSes, the Gatekeeper/Smartscreen-like system can be turned off, and always will be able to be. Otherwise, how would programs get deploy-tested? [You can't require signing with individual device deploy keys like for iOS deploy testing, because IBM-compatible PCs have structural identity--there's nothing equivalent to the UDID to tell them apart by. You could try using a fingerprint with the CPU model, MAC address, etc--but all those can be faked. Unless we get something like a TPM-based PC UDID, trying to do device keying on PCs is moot, and no OS vendor will bother.]
Actually, come to think of it, Linux also has this at an even more fundamental level: you can't install a DEB/RPM from the Internet as an automatic dependency unless its signing key is in your keychain, fullstop. There are actual programs I've installed (for example, ESL's distribution of Erlang) which require the user to "curl http://example.com/key.asc | sudo apt-key add -". Ubuntu's PPA system (using apt-add-repository et al) doesn't get around this, it just automates it with a prompt for whether you trust the key.
What people are talking about is locking down what can run at the behest of the vendor. Like how iOS is. Like how Mac OS X would be, if you couldn't disable Gatekeeper.
You think users "always will be" able to disable Gatekeeper, but I don't think there is any evidence to support that. It's entirely up to Apple, and if they want to implement a TPM-based (or other) Mac UDID and lock Macs down to Apple-approved software, they will go right ahead and do whatever the fuck they want to do.
Apple doesn't control what is signed by devs, though they do control handing out certs to devs. If Gatekeeper were permanently on, it wouldn't mean you could only use Apple-approved apps (ie, the app store), it just means you can only use signed apps (ie, random stuff you download from the internet).
But that's the thing. OSX, Linux, Windows--they're PC operating systems, and they run on PCs. Any PC. Which also includes virtual machine environments that emulate PCs. Apple could lock Mac hardware down, yes, but they can't stop a Hackintosh from running whatever it likes--because you wouldn't build a TPM chip into your Hackintosh.
Now, if your argument is that Apple is going to take OSX and make it into something that doesn't run on generic PCs, but rather a specific, closed environment that loosely resembles PCs [thus killing all ability to do Hackintosh builds, run OSX in a VM, etc.], I agree that there's a very slight possibility of that.
But Apple has a heavy incentive to keep OSX running on generic PCs. For one thing, it's required to maintain backward compatibility with all the current hardware that are just generic PCs. For another, it gives them the ability to test their software using generic VM products, rather than a specialized "simulator." For a third, it allows them to just construct a new prototype Mac in the lab out of the newest off-the-shelf components (picture an empty Mac Pro case with random hardware inside), and then use it to write and test drivers for those components, instead of waiting for a specialized mobo to be produced for them that supports all those technologies and carries their special, needed OSX TPM chip.
Sure, Apple could push the industry to standardize a UDID-carrying TPM chip for all devices (this is basically the dystopia everyone was scared would happen with Palladium), so that Apple could use off-the-shelf hardware and still do device-key deploys to it.
And sure, Apple could write their own machine simulator.
And sure, Apple could just make the device-deploy-keys feature optional until an OSX release where all the old hardware is no longer supported.
But why? What advantage does this give them? It sounds like a lot of hassle to create a world where it's harder for everyone--including Apple's own in-house developers--to develop, test, and distribute Mac software. A world where fewer developers want to develop for OSX. A world where it's impossible for enterprises (yes, Apple has enterprise customers) to deploy their own internal software over their networks.
Now, look out below, for :itisacaranalogy: --
If you're a car company who makes sedans [iOS devices] for "consumer driving", and trucks [Macs] for "utility driving", what purpose would it serve to turn all your products into cars? Especially if your own employees require a truck, as part of their job, to haul loads around the workplace?
As far as I can see, Macs are going to diverge from iOS, not converge. The more consumers who buy sedans [instead of buying a truck they don't need and then complaining when it doesn't have heated seats], the more "trucky" the trucks can become without impacting sales. Macbook Pros and Mac Minis--both "trucks"--are here to stay.
On the other hand, iMacs and Macbook Airs--both "sedans"--might just get locked down, run iOS, and probably have touchscreens one day. But that's just fine, isn't it?
The MBP looks like it's going to keep getting lighter until there's no need for a separate "Air" category any more; if they keep the brand after that, it'll be for an iOS device with a keyboard attached.
And the iMac is already a redundant competitor to (Mac Mini + Cinema Display); so it will probably make more sense as a big iOS touchscreen "kiosk." Instead of having a Mac built in, it'll have an Apple TV built in. (I imagine the Cinema Display would also get touchscreen capabilities, and then you'd get the same experience as an iMac by hooking an external Apple TV up to it instead of a Mac Mini.)
...and note that everything I just said could apply equally well to Microsoft. They have all the same choices available to them, and there's already the same "nervousness" surrounding the Surface RT. It's just simpler to do the analysis with Apple, since their long-term hardware strategy is more obvious.
But yep, Apple could do every single thing you say. Without breaking a sweat.
As for why? I think Apple would prefer that OS X not run on commodity PCs. They already take halfassed measures to control running OS X in a VM, and to prevent booting OS X on non-Apple hardware. If they could do that more reliably, they wouldn't care about their slightly higher internal costs, and they definitely don't care about making life miserable for their developers (as I've witnessed being one for the past 12 years). But it's just a hard problem for them and a hard sell to existing users used to PCs being wide-open. But with every single iOS user they add, that sell gets one user easier.
I'd bet that within five years, the percentage of users running unapproved software [EDIT: somehow deleted 2nd half of this sentence:] on new Mac hardware will be about the same as it is on iOS today. It won't probably be impossible, just hard enough to not be feasible for most normal/busy people.
OK, that wasn't short, but in summary: The fact that Mac OS X has been the best power user OS for the last several years wasn't by design, it was just an accident of history and where they got their OS from. Apple doesn't give a fuck about power users, and Apple doesn't give a fuck about trucks. That market is just way too small for Apple to care about -- which is sad for those of us currently in that market.
Because if/when Apple finally abandons Intel and power users (timing that makes sense to me) it will be years before Ubuttnu or any other plausible player is anywhere near as good as Mac OS X 10.7. 10.8 still has too many bugs and stability issues, but it will get there. Probably 10.9, too. But after that? I don't think anybody knows, but I am very skeptical.
(I think Microsoft will move in this direction, too, so those Surface RT users are probably right to worry.)