There's an important detail which, for me at least, is surprising. From the paper:

No permissions required, OUCH. The permission system was already considered useless, because all apps abuse permissions, but this really puts a nail in its coffin.

You download a simple Wallpaper app, or whatever, that requires no permissions to check your call data and other bullshit. What harm can it do, right? WRONG. If the flaw is in the window manager implementation, I wonder if this will be even fixed! And other OSes might be vulnerable.

Isn't this a trend with all app stores now? There's little incentive for any developer to create something only to have it cloned the next day, and have your original app downvoted by the army of the "competition", e.g., http://www.reddit.com/r/gamede.... I'm starting to think there are more "rogue" apps than legit ones.

Many apps use Adware anyway, which is just a backdoor waiting to happen. Do you trust the developer not to sell you to the highest bidder? The information you hold might be more valuable than you think.

Personally, I forgot about the "Smart" in "Smartphone" for a while now. It's not worth the trouble I'll be in, if I get attacked successfully. I know someone who used an online bank app, and had her account hacked into, because she installed an app from an untrusted source. I'm sure you guys know many cases like this. In my view, any app store is an untrusted source nowadays :)

You speak alot about code rejuvenation and bringing old code to new standards. As you are working on C++14, many compilers do not fully support C++11 yet. In the past, it was even worse. Don't you think that this lack of feature support from compilers is a major problem and the biggest obstacle to code rejuvenation?