
> Allowing sideloading increases the potential for exploits in IOS to be found

Security by obscurity has been debunked for decades. This is not an acceptable argument for anyone who actually cares about security.




> Security by obscurity has been debunked for decades. This is not an acceptable argument for anyone who actually cares about security.

Information about nuclear weapons is kept obscure and I'm pretty sure the US government cares about security.

Defense in depth is a thing.


With nukes I don't have the device in my hand, or a hotline on which to try every possible launch code.

I can purchase an iPhone and a developer account and find the same exploits I could if sideloading was enabled. The "obscurity" doesn't exist to begin with.


> I can purchase an iPhone and a developer account and find the same exploits I could if sideloading was enabled. The "obscurity" doesn't exist to begin with.

Obscurity DID exist - you said yourself that you have to get a developer account. That's a barrier to entry, which is defense in depth. Dev accounts are a tiny proportion of iOS users.

Also, if alternate app stores were permitted, any exploits discovered via sideload could be deployed at scale. By not having alternate app stores the risk is reduced.

As well, assuming no alternate app stores exist and you managed to deploy your 0-day in an app on the original App Store, Apple could discover it and have the means to remove the app quickly to mitigate damage. If alternate app stores existed, it would add additional red tape to get the exploit app removed, potentially allowing more damage to occur.

Defense in depth matters.


While I personally agree that defense in depth does have its real world uses, I'd be really surprised if having an Apple dev account is a real world barrier for anyone doing iOS exploit development.

Maybe script kiddies wouldn't, but they're not the kind of thing to be worried about anyway.



