I have to agree (and I'm an Android user, and no fan of Apple). Users want security and total convenience, and while technically the permissions side of Android is fine, the average user just wants their funny talking dog app to run - they don't care to look through the permissions list and wonder why it wants to be able to dial numbers and access all their personal data. Similarly, when Microsoft implemented UAC in Windows, people complained about the intrusive pop-ups and would automatically approve them to make them go away, until they were forced to lower the default setting in Windows 7. But you can bet that if they get malware on their Android phone or Windows PC they'll be blaming Google and Microsoft for not preventing it, rather than themselves for agreeing to its installation.
I don't see how there can be a perfect solution though... either you have freedom and have to take responsibility for these risks (knowing that a lot of people won't), or close off the device to anything that's not officially curated (restrictive and not foolproof either). Given the choice, I'll take - and have taken - the former, but I can appreciate that it's not necessarily ideal for the average user. All I can think of is initially exposing devices to a curated version of the Play Store ala Apple but providing a way to access the unrestricted catalogue if you agree to the increased risk, but that starts to make developing for Android look less attractive and would cost Google more.