You can never defend against user stupidity, regardless of the OS. If Maemo (or MeeGo) were a big enough target, and your users dumb enough to be convinced to load software from some random, no-name website, then yes it could happen.

I'll take the risk and bank on educating users than going the Apple path of the walled garden where instead I am spied upon by companies