The problem with sandboxing is that "bad" has no formal specification. There are legitimate reasons to access contacts, intercept system calls or key presses, use raw sockets, etc.
If you try to make those things not possible then people who need them have to use a different platform, which tends to cause other people who need to interact with those people to use the same platform (and so on) until the original platform is in decline. And the effect is worse the more you lock things down. It doesn't help anybody to have an ultra-secure platform that nobody uses.