All iOS jailbreaks are a result of security vulnerabilities, which Apple tends to fix almost as soon as they're discovered - and ultimately, it's Apple's responsibility to make their sandbox secure, regardless of what's running in it. I also don't see how installing outside apps would make jailbreaks any easier, given that you can already connect your phone to a computer and temporarily install an app on it (and for people who are motivated to jailbreak, this isn't much of a hurdle).
I haven't done enough iOS development to know for sure, but I'm assuming Apple could prevent private API usage by apps through technical means, rather than just app review.
Kind of. They cannot prevent private API use by their frameworks running in the same process as the app (e.g. an app can use an Apple UI widget). Things that apps should generally not be able to do have already started being locked down using entitlements, which prevent third-party apps from using those APIs regardless of whether they can sneak it past review.
> and for people who are motivated to jailbreak, this isn't much of a hurdle
And also because, once you’re jailbroken, you can set up software to automatically resign the app on-device every few days, so you never need a computer again.
I thought jailbreaking worked by using exploits to disable code signing. As in, there’s no need to sign an app. Have things changed the past few years?
Most Jailbreaks today are "tethered" in some way, which means the Jailbreak disappears (to varying degrees†) once the phone is turned off. For Jailbreaks like unc0ver, this means you need to re-run a bootstrap app every time you reboot your phone, in order to return to "Jailbroken" mode and allow unsigned code.
This, of course, is a catch-22. You need to run an app to allow unsigned apps, but that app can't run if it isn't signed.
---
† The community makes a distinction between "tethered", "semi-tethered", and "semi-untethered" jailbreaks. The jailbreak I described above is "semi-untethered". You really couldn't come up with terminology more prone to getting mixed up...