Closed devices are secure, yes. Apps can use pinned https certs. Apple signs the binary. This ensures that when your personal data is exfiltrated, it will go undetected by malicious third parties such as yourself.