Third party apps must be sandboxed, so they cannot disrupt battery life, network stack, or monopolise user interface, etc.
Solving the wrong problem. Battery life? Just peg the CPU. Network stack? Max the traffic. Sandboxes don't help.
If anything, both of these raise questions which are currently not being addressed by sandboxes, nor are they all that relevant.
Aside from a little fun for script kiddies, there is no money in draining the battery. Important questions deal with data, not hardware. Is there a way for some piece of my personal knowledge (bank account, email password, ...) to be shared with people I didn't intend to. That's a very hard question to define since it's hard to define exact relations between those pieces.
Why is iOS perceived as safe? Sandbox? The approval process, semi-automated "many eyes".
We have static analyzers, but hardware is a bit too complex and software not even remotely structured enough to allow automated proof preventing above issues. Instead of trusting some external gatekeeper, just prove that downloaded code doesn't violate any of given constraints (obvious complexity problems arise).
Web shows both sides of sandboxing. On one hand, if you take enough things away, sandbox becomes fairly secure. At same time, HTML5 has the ability to crash the OS (driver and JS VM related bugs through JS or canvas or WebGL).
Or, look at recent DNS block incident in a fully web-based form software. Some people decided to use the service for phishing by faking forms from banks.
Hardware/kernel exploits may sound attractive, but really aren't all that interesting. They definitely limit certain attack vectors, but still rely on user to make a judgement call - someone who roots their phone or perhaps installs untested software is just at same risk.
Sanboxes and other technologies are abstractions. Abstraction is a means, it doesn't need to hide or obscure underlying layers. That may mean different things in different context, sometimes allowing access to lower levels, or perhaps just having full access to source is enough. In some cases, hiding underlying layers may be beneficial, but just about all of the barriers today are for commercial reasons, not for sake of security or improvement of user's experience.
Process is all that matters. Phones are safe because of process, not because of tech. Similar to web, where security/safety depends on credibility of company. Despite one of most robust sandboxes, web remains one of least secure platforms for stuff that matters.
Another interesting aspect is game theory and determining how trust works and how risks are mitigated, which does answer why magic sandboxing is very viable solution - but unfortunately one that many take for granted: "How could this happen, I did ....".