But it does require the user to be vigilant and not give every app all permissions (i.e. the root access aptitude et. co require). Do you really think that is reasonable to expect from every mobile phone user?