If anyone thinks any non-Apple platform is more secure than modern iPhone/MacBooks running iOS/macOS, you are dead wrong. Apple's security is far ahead of other platforms.
Security is a complex topic. While I don't disagree with your statement, I also don't agree with it. It's more realistic to say that "in recent years, Apple has clearly invested more in macOS security compared to the late 2010s."
I'm pretty sure that Qubes OS [0] is far more secure than any other desktop operating system: its security relies on hardware virtualization, which was broken last time in 2006 by the Qubes founder [1].
One of the cool advantages I was pondering is its greatly reduced attack surface. Linux and Android apps can still come in, but they're always really sandboxed and insulated from the main OS, which is little more than browser+UI. So as secure as you can make the browser, that's your OS security. The most a user can do is install PWAs on it; they're not going to have a bunch of userspace native apps causing trouble.
Yes. The whole existence of NSO shows that the iPhone is preeminent in platform security. No one pays hundreds of thousands of dollars to access an easily exploitable system.
FWIW, Zerodium still values Android zero-days higher[0] than iOS ones. Suffice to say that both parties pay hundreds of thousands to access their respective systems, to the point that companies like Grayshift sell standard-issue exploit hardware[1] for these devices now. Hacking your phone is a commercial field in the year of 202X.
Both platforms are extremely vulnerable and actively exploited. Make of that what you will.
Security is a lot more than just the OS. Modern iPhones have security chips that ensure the integrity of the main OS during boot and while running. A large part of Apple's security excellence comes from their hardware security integrated with their software/firmware.
What makes you think there is excellence in security? Nearly every case involving Pegasus was on the iPhone.
I believe this affected ~1000 VIPs and caused the death of at least 1 person.
Either 0 VIPs use Android, or it is much harder to break into. (From my research, there weren't any 0-click exploits; you always had to manually download something and approve it outside the Play Store.)
I sort of agree with the sentiment behind what OP is saying here, but perhaps not the way he is saying it. I'm not sure if I'd call it "security" as much as "system integrity." The model that Apple has moved to with the signed and sealed system volume is pretty interesting. I didn't even realize how much had changed with macOS until I was hunting around to change the startup wallpaper on Monterey and realized that macOS today is totally different from the macOS I remembered administering many years ago.
UAC on a Mac has always been good, but now there is this new layer that even protects the system from the admin. I think the real risk with Apple's model is that there are these choke points now that, if compromised, can cause truly catastrophic failure—especially because of the false sense of security that's out there. If an Apple update server or signing certificate were compromised, it would be a potential company-ending event. Other ecosystems are much more fragmented, and there is some resilience baked into that. I remember a few years back when an OCSP server went down and internet-connected Macs around the world ground to a halt. You couldn't open any application because it took 10 minutes for the server that verifies its certificate to time out.
Every single case involving Pegasus was a targeted attack by a state actor. This is a very different scenario to defend against than what corporations or private persons normally worry about.
Their phone probably had at least 3 other RTOSes on it. Hardware security is more important than the main processor's OS when you have that many radios.