One, for instance, is that Apple doesn't offer an API for deep system scanning. So if your phone is infected, you have no way of knowing this, because there is no software that can scan it. You cannot trust it.
Or things like the Memory Tagging Extension (MTE) Apple has implemented, but they have not released the specification and implementation details, so you don't know if it has backdoors.
> So if your phone is infected, you have no way of knowing this, because there is no software that can scan it. You cannot trust it.
Not true. There are commercial apps that can scan your iPhone for vulnerabilities and exploits [1]. Apple goes to ridiculous lengths regarding security on their platforms [2].
> Memory Tagging Extension (MTE) Apple has implemented, but they have not released the specification.
It's based on the Memory Tagging Extension (MTE) added to the ARMv8.5 architecture in 2019, co-designed by ARM and Google [3]. MTE support has recently been added to Android 12+ and some Linux distros like recent Fedora and Ubuntu 24.04.
Apple's Memory Integrity Enforcement (MIE) is based on MTE. Now that Apple designs its own ARM-based processors, they used MTE as a starting point for Apple Silicon. The iPhone 17 series and the iPhone Air shipped with MIE enabled in September.
The point of these technologies is to enable software that hasn't been written in memory-safe languages (many millions of lines of C, C++, etc. that will never be rewritten) to run safely.
Although it's starting to change, the vast majority of the rendering engines used by Safari, Chrome, and Firefox are written in C/C++; so it makes sense to address potential browser vulnerabilities at the hardware level.
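A software model of the tag check that MTE performs on every load and store, added here as an illustration (not code from the thread, from ARM or from Apple). Real MTE uses 16-byte granules, a 4-bit allocation tag per granule and a 4-bit logical tag in pointer bits 56..59; the simulated heap, bump allocator and explicit check functions below are assumptions of this model.

```c
/* Software model of MTE-style memory tagging (added example, not from the thread).
 * Real MTE: 16-byte granules, a 4-bit allocation tag per granule kept by hardware,
 * a 4-bit logical tag in pointer bits 56..59, compared on every load/store.
 * Here the "heap" and tag store are plain arrays and the check is a function call. */
#include <stdint.h>
#include <stddef.h>

#define GRANULE   16
#define NGRANULES 64
#define TAG_SHIFT 56

static uint8_t heap[NGRANULES * GRANULE];   /* simulated memory            */
static uint8_t gtag[NGRANULES];             /* allocation tag per granule  */
static size_t  next_granule;                /* simple bump allocator       */

static uintptr_t tag_ptr(size_t off, uint8_t tag) { return ((uintptr_t)tag << TAG_SHIFT) | off; }
static uint8_t   ptr_tag(uintptr_t p)             { return (uint8_t)(p >> TAG_SHIFT) & 0xF; }
static size_t    ptr_off(uintptr_t p)             { return (size_t)(p & ((1ULL << TAG_SHIFT) - 1)); }

/* Allocate `size` bytes and tag the granules. The tag is chosen to differ from the
 * preceding granule so an off-by-one into the neighbour is always caught (real MTE
 * picks randomly while excluding the neighbours' tags). Returns a tagged pointer. */
uintptr_t mte_alloc(size_t size) {
    size_t n = (size + GRANULE - 1) / GRANULE;
    if (n == 0 || next_granule + n > NGRANULES) return 0;
    uint8_t prev = next_granule ? gtag[next_granule - 1] : 0;
    uint8_t tag  = (prev % 15) + 1;                  /* in 1..15, never equal to prev */
    for (size_t i = 0; i < n; i++) gtag[next_granule + i] = tag;
    uintptr_t p = tag_ptr(next_granule * GRANULE, tag);
    next_granule += n;
    return p;
}

/* Free: retag the allocation's granules so a dangling pointer no longer matches. */
void mte_free(uintptr_t p) {
    size_t g = ptr_off(p) / GRANULE;
    uint8_t old = gtag[g];
    for (size_t i = g; i < NGRANULES && gtag[i] == old; i++) gtag[i] = (old % 15) + 1;
}

/* Tag-checked byte store: 0 on success, -1 where hardware would raise a tag check fault. */
int mte_store(uintptr_t p, size_t i, uint8_t v) {
    size_t off = ptr_off(p) + i;
    if (off >= sizeof heap || gtag[off / GRANULE] != ptr_tag(p)) return -1;
    heap[off] = v;
    return 0;
}

/* Two bugs the check catches: one byte past the end of `a` lands in neighbour `b`
 * (different tag); a store through `a` after free meets the retagged granule. */
int demo_overflow(void) { uintptr_t a = mte_alloc(16); (void)mte_alloc(16); return mte_store(a, 16, 0x41); }
int demo_uaf(void)      { uintptr_t a = mte_alloc(16); mte_free(a);        return mte_store(a, 0, 0x41); }
int demo_valid(void)    { uintptr_t a = mte_alloc(16);                     return mte_store(a, 15, 0x41); }
```

The model shows why the thread calls this a hardware fix for C/C++ code: the faulting store is a plain byte write, and nothing in the program had to be rewritten for it to be caught.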