No matter how much Apple invests into security, parties like Meta will find holes to exploit because it’s profitable to do so. It’s a cat and mouse game, and so even though Apple should be investing in security they also need to be able to put an end to the game when there’s obvious abuse afoot.

I’m not as supportive of this ability for computers, but the market is so broad and large for mobile devices that I feel it’s a bit of a different creature.

And yes, I agree that for sideloaded apps all bets are off. That’s why I mentioned Apple having a kill switch only on automated distribution, e.g. through app stores (first party or otherwise). So for example if it turns out that Facebook has been making constant use of exploits for a while, jumping from one to the next as they’re fixed — in this situation Apple can stop it from being installed or updated from any app store (even one run by Meta), meaning the only way to install or update it is through fully manual side loading until they clean their act up.