This isn't exclusive to Apple - Microsoft recently decided that starting from August Windows Defender will have the option for blocking PUAs enabled by default for those users who doesn't have other third-party security software [1]. This also I belive falls under "we know what's best" and "the customer is not to be trusted" or "is too stupid to run things by on its own".
This does looks good on paper - caring for customers and their security, peace of mind but tomorrow it might be a total vendor-lock with no ways of installing any other software than one approved by the corporate entities.
I don’t see why a circumventable default block of random executables is bad. People (even technically adept ones, who are a small minority) are very easy to fool. Depending on how easy it is to allow execution of such a program (which is a UX problem) it can indeed be what prevents a botnet on a significant number of computers.
This does looks good on paper - caring for customers and their security, peace of mind but tomorrow it might be a total vendor-lock with no ways of installing any other software than one approved by the corporate entities.
[1] - https://www.ghacks.net/2021/08/03/windows-10-blocks-potentia...