[shittyadmin]

> because you can just ask for permission from Android

You cannot ask for permission to bypass sandbox restrictions on Android. You need root access, which means physical access to do things like unlock the bootloader or an exploit.

iOS sandbox seems slightly weaker here due to the use of hidden/private functions to protect certain things, sideloaded apps would likely be a bigger risk on iOS than Android at the moment, but that's not something unresolvable.

In any case, the things you're discussing aren't really so problematic - isolation systems are only getting better, OS level ones are improving every day. We could easily have sandboxes at this level just as secure as the javascript ones.