Sheesh, you'd think macOS is a big disaster the way you talk about it.
First, macOS doesn't have even a tenth the mindshare iOS does. Even those who have a Mac don't use it in such broad scenarios. Lots of privacy and security measures don't really matter as much on a device you'll primarily use at a desk and maybe on the couch as they do on a device you'll be carrying around in your pocket and frequently using in public.
And second, that we got by without certain technology doesn't mean that the technology is unnecessary. We've been without electricity for millennia. Like it or not, the measures that have intensified in releases like macOS Catalina do help people avoid getting attacked.
2001's Mac OS X was still stuck in a 1970s' Unix mindset of security where you have a root user and various admin and non-admin users, which is nice because it helps protect the OS, but it doesn't really protect your personal data at all. No need for root (or even admin) permissions to steal or delete all your documents. Instead, we've evolved facets such as sandboxing and TCC, where even within a user, applications can do a lot less damage (whether malicious or inadvertent). They need to ask before using your mic. Even once you've confirmed it, macOS permanently warns you that you're currently being recorded. They need to ask for your location. For your contacts. For access to the documents directory. And so forth.
With Mac OS X 10.0, it would have been trivial to write an app IAmVeryTrustworthyPinkySwear that pretends to be a funny screen saver but actually uploads all your documents to Random Villain, then (to bring this back to crypto) encrypts them locally and asks for a money transfer via Bitcoin. "At least the OS isn't corrupted because they didn't have my root password!" isn't much comfort. How do I know this could easily happen? Because such ransomware is a thing and does happen all the time — and in modern macOS (and other OSes), Apple and others keep tightening the screws to prevent it.