Re: "installing a binary that is untrusted is a security nightmare"
"Mobile OSes shown you can sandbox native applications as well"
They have? I can only speak to Android, but I don't think that's been shown at all. While it is possible to distribute and run native apps on Android, there are very few in existence. Almost every Android app you've ever run has been implemented in Java or a Java derivative, and Java applications are not native applications -- they're running in a VM.