[jonhendry]

"If smartphones are any indication, it's difficult to design a device that cannot be convinced to run unauthorized code."

True, but you could require that the device have a little semi-autonomous widget attached that monitors the rest of the device, can't be controlled by software on the main device, and can't be removed or deactivated without seriously reducing functionality of the device.

The government would simply have to say "put this in your phones, and require devices on your network have it enabled, or you don't get FCC approval."