[threatofrain]

I see two parts to this. One is the role of user choice in deterring system damage from bad apps, and the other is the role of app stores in shielding the user from having to make this choice to begin with.

On the matter of websites, if the decision rests on individual choice, then individuals certainly have a choice to visit (and thus trust) a particular domain name and cert. That users need merely type in a name, and that there's a giant company helping you search for these apps, simply means that web apps are easy to find and install (and native apps are only slightly harder to install).

Then there's the role of the app stores, which I imagine practically deals with the supermajority of garbage, spams and scams out there. We could also have orgs whose sole job is to maintain lists of credibility, if that's what people want. Then a web user could download a browser extension or use a browser that subscribed to these lists by default. In some ways that's what ad blockers are, except ad blockers are even more precise and there's nothing quite like it in the native world.