I mean… there’s an “I know it when I see it definition”, but that doesn’t actually work when you’re the engineer tasked with building an operating system. Fundamentally you can go with an “allowlist” approach, of “we only run software we KNOW is safe”, or a “denylist” approach

Of “we only disallow software which we KNOW is dangerous”. Which of those two approaches would you choose?

I’m going to make the assumption that unsigned software is malicious and I think you know that and are making a really weird assumption to argue against it

That's basically what Google has done here, but it's also a big change to something that's always differentiated Android from iPhone. And I know iPhone gets away with it (for now), but basically forcing you onto the Google Play Store for a 30% cut is IMO philosophically wrong. I don't see any reason

why the current status quo is bad. There's multiple layers of protection before you can allow yourself to install unsigned software on the device. It's even now where it's not a universal toggle off, but you have to do it for each app.

It very much is not.

No, I'm serious. What they've done is sidestepped that question (because it's impossible to answer) to instead whitelist developers.