allowing a packet radio system to accept any/all packets from untrusted sources requires *really* good and time-tested code (and an architecture behind it). even the ip-stack, as old and reliable as it pretty much is, still gets hacked and we continue to patch it, as we find the bugs.
opening a radio up for reception opens you to many bad vectors. its safer not to do that, and yes, you lose some 'luxuries'. security is always a compromise that users have to choose where, in the spectrum, they feel comfortable.
with something like 'regular linux', when bugs are found, patches are usually released quickly and the 'regular linux' (desktop, server, even embedded) can pull from upstream and get the fixes installed. android, which is sort-of loosely based on linux (long story, not for here) does not have that architecture and so end-users simply cannot stay up to date, as much as they may want. they are 100% entirely dependant on others to do the patch incorporation and release and the reality is, that just does not happen (enough). you can't 'apt get update' on phones, not really. not as a regular user. and so, your phone is likely very very out of date, security wise, if its android based (with some exceptions, but they are not the rule).
I've seen cars 'rooted' simply by sending packets to something and that triggering a bunch of other things that got that guy root. I trust phones much less than cars (lol).
sorry for the long reply. its something I do for my day job and I kind of take it seriously.