Sigh.. going backwards
I'm surprised by the comments which seem to accept this kind of rubbish as a fact of life.
My relatively ancient* phone runs Java applets, and this allows me to use the quite excellent Opera Mini, Google Maps, Google Mail, and Shazam iD.
Because they're applets, they have to follow the Java security model. Any applet has to be given permission before it can access any of my data. For example, to access the filesystem, to access the address book, to send SMS, or to connect to the internet.
When an applet tries to access any of these features, the phone asks me whether to allow it. Unless I grant permission, it's impossible for the applet to break out of its "sandpit". Of course I can grant permission permanently, on a per applet basis, if I trust the applet.
It seems that we're going backwards when technologies like this get left to one side. With the security threats that exist these days, it seems weird when we run applications on our computers or phones, they can do pretty much anything they like (e.g. access any of the user's files, not just the ones they need to access).
* It's a K800i, a mid-range phone launched three and a half years ago (and long discontinued). The camera is as good as the latest iPhone, and it has a real flash (not LED), doesn't break if I drop it, and battery can last a week... contact details, to-do list and calendars sync perfectly with the Address Book and Calendar on MacOS using Bluetooth.