You're wrong. If the app developer is actually malicious this is true, but there are some non-malicious applications i just don't trust. Look at Sony, they're not malicious (e.g. they wouldn't record my password when they're not supposed to) but i don't trust them with my passwords (for obvious reasons).