I see. Indeed, I agree it is not super easy to access everything on the mobile.
But I am still convinced that having a myriad of different apps, most of which are developed without real regards to security, makes the attack surface much larger -- e.g. you are likely to find a popular exploitable app that already has legitimate access to user data (such as "all the time" location data, contacts, calendar, ...) - as NSO did with whatsapp.
But I am still convinced that having a myriad of different apps, most of which are developed without real regards to security, makes the attack surface much larger -- e.g. you are likely to find a popular exploitable app that already has legitimate access to user data (such as "all the time" location data, contacts, calendar, ...) - as NSO did with whatsapp.