The additional granularity of permission delegation would definitely be a way to improve on security. For a user like me though, that still might not be enough. I probably won't be trusting any apps that can do things with my account unless they are actually integrated into the Steemit website.

I don't know how many users are like me, but I am very wary of trusting any delegation of control over actions taken with my account. Even with voting or posting authority, a malicious app developer could do a lot with that access. (Especially if they wrote a good app that attracted a large user base.)

The thing that I am curious to see is whether this is a hurdle that we will overcome, and a decentralized network of stand alone apps is where we will end up; or if we will need to head more in the direction of a centralized Steemit platform with everything baked in.