Depends on the permissions model of the OS, and if you trust the OS. Hence why Edward Snowden and Bunnie Huang developed the Introspection Engine [1].

It’s reasonable to assume that if you can’t audit and review the code of the app and the OS, you can trust neither and need safeguards at lower levels of the stack.

[1] https://www.tjoe.org/pub/direct-radio-introspection/release/...

You forgot the firmware of the headphones!

Corded headphones! :) at least until open firmware exists.

Ever tried to connect a corded headphone into a microphone jack? It works quite well

Is there some kind of diode for AC signals?

Yes, they're called amplifiers. Directional coupling circuits would apply in theory, but not in practice; they're good enough to do full-duplex audio over two wires, but not nearly good enough to deal with the sensitivity of analog inputs if you want to prevent a signal from being read.