[Joeri]

They could use bloom filters and inherited trust to avoid having to send the signature of every executable to the internet. And there really should be a switch to turn this off for people who don’t want to be treated like children and will accept the risk of malware. Make it something on the command line and I guarantee no regular user will enable it.

[PopsiclePete]

There's probably a middle ground but you know that within a day of making it optional, the various "Clean my Mac" utilities will have an option to disable it and soon enough instead of 99% of people having it enabled, 75% will have it dibbled. And then some malware hits and spreads like wildfire and the same people who were so adamant on disabling it are now complaining that Apple isn't doing enough to protect them and woowee Macs are just as insecure as Windows.

Speaking of Windows, they also moved to a "we know what's best for you" model with Windows 10.

Definitely a "damned if you do, damned if you don't" situation.

I understand why "power users" feel frustrated but also understand the company's POV. A story like "Macs are invulnerable to this latest ransomware attack" looks pretty good to investors; the random complaints of nerds and power users go mostly unnoticed.

I bet $100 this latest scandal will not affect Apple's bottom line nor will anyone care within a month - there'll be other reasons to be outraged over on Twitter.