Does anyone know of a smart phone or mobile device that enforces account and privilege separation?
It's been a long held good practice to run user accounts with least level of system privilege and only use admin accounts when you absolutely have too. The obvious danger is that if you're always operating with elevated admin rights and if your device is compromised then the attacker runs with your admin rights. This is far from a perfect situation and can easily lead to security meltdown.
All the popular mobile devices and smart phones I'm aware of operate with full admin rights all the time which seems like security madness to me. Code signing of downloaded apps will help to establish some level of trust in the source on content, but all bets are off with content based attacks arriving via e-mail.