Posts: 373 | Thanked: 56 times | Joined on Dec 2005 @ Ottawa, ON
#42
Security is about layering. To say that something is absolutely insecure because it is missing a single layer is simplifying the topic to meaninglessness.

There are many layers of security that still exist on the tabletOS:

1) It is built on a Linux foundation. Linux developers (especially kernel developers) do think a lot more about security than the average.

2) The libraries and infrastructure stick pretty close to upstream. The more you deviate from the common core code, the more you have to rely on your local security experts; the fewer eyes you have auditing your code; the more chance you will have security problems.

3) It is an obscure platform to write an exploit for. Malicious attackers will look to get the most bang for their buck and the tablet is not it. Not exactly a feature that Nokia marketing wants to use but it does help with security somewhat.

4) Linux generally does not run applications as a superuser. After they are installed, apps on the tablet generally run as the user "user" and that gives them much less leverage on the system. They can affect files in /user/home and /media/mmc*, maybe communicate via the various communication interfaces but that is about it. Certainly they have the leash to create a great deal of havoc but it is limited havoc should a security hole get exploited that way. This is in stark contrast to a Windows world where you are actively encouraged to run as an Administrator (and cutting the leash on anything you run) since so many things just don't quite work right if you don't.

5) The tablet is not always on and always connected to the network. Being mobile, it is jumping from network to network and spending a lot of the time sitting off and not talking to anyone. Most of the other part of the time, it is connected to a wireless access point that masquerades the network connection and often has a firewall built in. This greatly reduces the opportunity for network-based remote attackers to even try to exploit servers running on your tablet. The addition of the WiMAX line of tablets sheds this significant layer though. Another axiom that goes along with "security is layering": "Security is also always a trade-off".

So that is a (by no means exhaustive) list of layers that provide a security patchwork that attempts to have 100% coverage of all possible exploits. Never can anything ever achieve this goal. The security of the available application trust system is certainly a problem that throwing out buzz-phrases like "sandbox" is not going to solve ... sandboxes can be breached too. Nor does it mean that what you have currently is a pile of crap.

Hopefully people continue to think about security and making things more secure but I am not lying awake at night worried that someone is going to pwnz0r my l33t b0xx0r.

Nokia made a wise choice to go with Linux in that respect since it has an inherent security infrastructure and culture.
 

The Following User Says Thank You to mwiktowy For This Useful Post: