I'd like a capability that I can run any application in a tight container that absolutely sees nothing what's on my phone. I can give it a real or fake or filtered network if needed, and anything else the app sees like contacts or files would look like a real phone but just originate from a fake null source. There's a mutual distrust with users and manufacturers and application vendors and technology can solve that.
Namely, that's what I do with proprietary software on my desktop. Nothing that's closed runs with access to my files. Further, a banking app shouldn't need to know I'm running a rooted device. For some reason, I can do banking with an open source browser on a rooted phone just fine. It's just the proprietary blob that comes with TPM shackles, and I think I should be the owner of those shackles because I own my phone.
Namely, that's what I do with proprietary software on my desktop. Nothing that's closed runs with access to my files. Further, a banking app shouldn't need to know I'm running a rooted device. For some reason, I can do banking with an open source browser on a rooted phone just fine. It's just the proprietary blob that comes with TPM shackles, and I think I should be the owner of those shackles because I own my phone.