[comex]

They don’t run unsigned binaries, but they run self-signed binaries (to the same extent that Intel Macs run unsigned binaries) and the linker automatically does the signing. It’s an architectural simplification, not a substantive tightening of the screws.

[heavyset_go]

Self-signed applications are treated as if they're radioactive by macOS, too[1].

[1] https://lapcatsoftware.com/articles/unsigned.html

[comex]

Yes. My point is that blocking truly unsigned applications on Apple Silicon is not a substantive change from the status quo on Intel Macs.

[saagarjha]

Programs on Intel Macs can do some funny things to invalidate their code signature in was that Apple silicon won’t support, which I guess you could call a change. But I agree that the transition was probably mostly made for simplicity.