And these people are to be enticed by low up-front costs (e.g. 'Look, my new iPhone 4 only costs $100'), and the operator's subsidy of the device has to be recovered by usage and apps and content the user buys.

In this case, the user is not (yet) the owner, the operator is.

Exactly. It would be really nice if aegis could for example allow a device to operate in two different modes, possibly protected by different passwords/pins/hardware tokens, so I could have personal content (social networking accounts, personal email account, photos, videos etc.) on my device, and work content (work email account, calendar, credentials e.g. VPN, documents, presentations etc.), and they would be kept separate. So for example if it is my own device, and I change jobs, the company could wipe the company content, but not my personal content.

Yes, this is the depressing part. Security *can* be a beneficial feature to the owner (and the user too, e.g. the company may decide to fund better devices, and the users benefit from them) to have a comprehensive security system (including one that prevents the physically present user from certain actions).

However, there must be a means for the device owner to bypass/disable the security (and, ideally, restore it or access to the protected content as well).