[cyphunk]

Will the browser be OSS? Will the mail app? Message app? Maps app? If the essential apps that constitute a "smart phone" are not open source, at least the defaults, it's really irrelevant.

Not to mention that none of the providers have the code to the baseband.

I could imagine a phone that treats the baseband as an untrusted entity and encapsulates everything running over it. This would require forcing SSL for all HTTP traffic, and using some standard for SMS and Voice encryption that is on by default when the recipient on the other end also has a supported device. For those that do not you're unencrypted SMS would be exposed at many hops even if they smartphone were full OSS and trusted, even to the baseband level. So silo'ing everything where possible is a valid solution with closed basebands.