Agreed. I'm trying to figure out the logic behind the decision to restrict iCloud and Notification Center access to Apple-signed apps, and I just can't. If you have installed malware on your machine, you have bigger problems than a few spam notifications showing up.
The difference is that for those, services - which cost Apple to provide on an ongoing basis, they want your app to go through App review. I could easily imagine a poorly written app that still worked and was useful, but that caused a disproportionate load on the iCloud service perhaps even through just a bug. If it went through app review, Apple would be able to enter into a dialog with the developer to fix the issue.
If it was just signed and wasn't actually malware, then would Apple be able to legitimately disable all of that developer's apps because of a performance problem with just one of them?
Basically, signing apps provide some assurance against obviously ill intentions, but no quality control. Since it's your machine, this is a reasonable balance - if you're ok with an inefficient app that does something you need, then that's your choice.
App store apps can use infrastructure outside of your machine that is provided by Apple. This means they have a stake in quality control as well as assuring benign intent.
I guess that is fair. The point I guess is that developers will always be able to develop and distribute outside of Apple's channels, so I guess all this sky is falling talk is unwarranted.
