The application still needs to communicate the things it needs, the things on which the OS/the user should make choices. And if the application can communicate this, it can communicate it again. And again. And again. Or flat out refuse to work with "incorrect" choices, and bully the users into compliance.

You'd think that would be really rude of the app. That may have mattered 20-30 years ago. Today, most consumer-facing tech companies - big corporation and small startups alike - adopted "being a rude, obnoxious asshole" as a business model.

Note that this includes all the major commercial OS vendors too - i.e. Apple, Google and Microsoft. This creates a new challenge: how do we design secure systems when neither the apps nor the OS itself are trusted parties? How do we develop this security framework, when untrusted parties are the ones gatekeeping adoption, and also most likely to be developing it?

In other words: how do we maintain security for hens, when the foxes are guarding the hen house?