> there would likely be some other way of removing the pinned cert checks

Yes, but it's significantly harder than flipping a bit. There's also clever ways of countering this (e.g. checksumming the public key). Of course, even this is technically hackable, but extremely time-consuming in practice. Imagine getting the public key and adding a bunch (and by a bunch, I mean like 16k) of random ops throughout the control flow that crash the app if any random byte of the key is wrong. For extra fun, offset the byte by the instruction pointer. Good luck debugging that.

This is a large part of Apple's control/Secure Enclave decisions. These decisions can seem arbitrary and anti-completive from the outside.

I wouldn't call it anti-competitive. Treacherous is a more apt description.

https://www.gnu.org/philosophy/can-you-trust.html

Apple is a west coast company and they like their west coast BSD licenses.

Not only anti-competitive but also treacherous. They exist to protect corporations from us, the users of the computers.

This seems unrelated?

I saw is as related by an entities ability to control certificates on platforms with zero trust.

Apple designs the platform, though. Seems like a different model to me?

Exactly I was pointing out why some may choose certain models. I would say that building a platform takes many considerations and the choices made led to this outcome. Apple made different choices and is often vilified for trying to maintain these protections.

Apple has been slowly making progress of opening up their platform. The next 3 years will introduce a new landscape for apps. People will still be complaining.

It prevents very basic RE / MITM.