[nickspag]

I believe one of the main security benefits of these requirements are ensuring a binary hasn't been altered maliciously, or otherwise I guess. Not preventing outright malicious applications.

Also so the os doesn't have to repeatedly rescan apps, etc.

[art4ur]

It's like sha256sum but cost $99 a year.

[mlindner]

sha256sum generates a sum, you still need to store that sum somewhere that isn't controlled by the malware creator or they can just change the sum too.

All major Linux distros for example still have no viable way of creating signed programs or anything like Gatekeeper.

[saagarjha]

That is what codesigning does.