As far as I understand it, most vendors ship a single digit amount of apps. If you start the Tor browser, everyone on your network will know. If you start Firefox, everyone on your network will know you started a Mozilla product, most likely Firefox. If you start the Zoom client, everyone on your network knows you started the Zoom client.
I don't think the "it's only the vendor" defense of Apple is any good.
On MacOS, developer certificate requests are NOT done for every application launch. Responses are cached for a period of time before a new check is done.
FYI -- Both Firefox and Safari use OCSP to check server certificates. Anybody sniffing your network could figure out which websites you visit. Chrome still uses CRL; it trades precision for performance.
