The crowd here tends to interpret code signing requirements as nefarious steps down a slippery slope where Apple locks down macOS and applies draconian rules to deny us access to our own computers. The reality is a little more boring:<p>macOS has a growing malware problem. The initial solution to this was to introduce the Mac App Store in 2010, where users could acquire trusted apps that had been vetted by Apple.<p>But the Mac App Store wasn't successful by many measures and users continued acquiring apps elsewhere, including the occasional malware. So in 2012, Apple introduced Developer ID, tying every app to a developer identity which is supposed to be verified through the Apple Developer membership application. This means malware cannot be released by a nameless entity, and that it can be revoked.<p>However, having recently cleared off a relative's computer of something like 5 separate "Adobe Flash updaters" all signed by different, and apparently fake, developers, it seems that the $99 membership fee and identity verification was not enough to deter fraud and abuse in the program.<p>The logical next step to protect users is to give Apple more insight into what is being signed, so that they can be more proactive in detecting and blocking malware. Thus, notarization, which involves uploading a copy to Apple.<p>Apple's software engineering org is populated by some of the developers of your favorite open source projects and indie apps. They're not trying to destroy the platform that they love. In the past, they've given advanced users an escape hatch---option-click to run an unsigned app, Gatekeeper settings, System Integrity Protections settings---and I hope this doesn't change in 10.15. But they are trying to balance this with the needs of 99% of users who just want their Mac to be protected from malware.