I've come to believe that this can only be fixed with legislation and regulation. There are no technical fixes that could practically be deployed as there is far too much "attack surface" and anyway there is zero incentive to deploy them.
In the meantime: install as few apps as possible on phones, be careful about IoT and personal assistance devices, and use Apple or Linux (not Android) based systems as they seem to have the best record for security and privacy.
iOS exploits are cheaper than Android exploits because they are so plentiful. Plenty of apps on iOS have been caught activating the camera or snooping on the clipboard on iPhones.
iOS seems to be more privacy oriented (for the western market, where the government does not yet have the power to force them to comply) by default, while android needs more work put in. If you did as much as you could to secure both I'd agree with you that android is more secure.
I've come to believe that this can only be fixed with legislation and regulation. There are no technical fixes that could practically be deployed as there is far too much "attack surface" and anyway there is zero incentive to deploy them.
In the meantime: install as few apps as possible on phones, be careful about IoT and personal assistance devices, and use Apple or Linux (not Android) based systems as they seem to have the best record for security and privacy.