My understanding is that Jolla phones still have proprietary basebands and are thus no more secure than any other phone, since the GSM spec includes silent remote file pushing and the baseband chip has more or less unfettered access to the system.
That's correct. Currently both Android and iOS provide better security features than SailfishOS. The only security "advantage" that SailfishOS currently has, is obscurity.
I use SailfishOS because:
1) I prefer programming for GNU/Linux over Android or iOS
2) I prefer a decentralised development model (SailfishOS is made up of software by Red Hat, Intel, Mozilla, etc.)
3) I prefer the tight-knit, open, hacker community around SailfishOS/Maemo/Meego
