Firefox is also frequently criticized for not implementing certain APIs because of security concerns. There was a post on this site just the other day about their lack of support for WebUSB for exactly this reason

It's not unique to Apple. And we should take security seriously. To people who are technically literate and think they can navigate security risks it's not a big deal but people's entire lives are frequently turned upside down by scams and security loopholes

It doesn't have to be the worst possible implementation to be less desirable than the walled garden for me. I get so much spam in whatsapp, groupMe, telegram, and from sms. Some of it is even from legitimate contacts but then they signed up for something or did something and it sends one of those stupid "join me on {thing}" messages. The only place I don't get spam is imessage

It's not a straw man argument, it is the argument.

An average user can't dive into the bluetooth driver code and figure out where in the 4000 page spec something deviates and is now a security issue. So we have to assume the worst.