I think it's simpler: don't touch untrusted content unless/until you need to.
That's easy, and already done. Phones only touch untrusted content when they need to; it's just that they need to touch it immediately upon receipt.