I thought you’d find this one interesting, considering your phone background. When I read it, I thought about all the mentions you’d made about phone apps accessing the system without restraint.
Yep, it is an issue. I personally think the best solution is what Android does - you can install anything you like (there’s no way to screen apps successfully, as the [benign]trojan for the iPhone I linked above shows), but you have to agree to the access the app needs.
Hmmm, a wallpaper app that needs network access and browsing history? I don’t think so! But just like in the computer world where you get people who will click on “OPEN THIS ZIP FILE FOR YOUR UPS TRACKING INFO!!!” you will get people who will download and install trojans on their phone.
It’s not a weakness of the phone, it’s a weakness of the user. And trying to protect dumb users from themselves is ALWAYS a losing effort.
Tell the user what the app needs, so the user needs to explicitly authorize that access, and then be done with it.