I think we miss the main point when we start talking about what they deserve.

Canonical should not state apps are safe. Users should not do all of the things that Juan says but that could be ignorance.

Bottom line, a hard lesson was learned. When you trust others, you are depending on them. That is risky. Canonical should either do a much better job vetting apps or remove this safe language. False security is VERY dangerous.