[valley_guy_12]

Unfortunately, you can't really trust a device, since there is always a chance that it could be rooted. See the long history of rooted game consoles.

The best you can do is sort-of trust the device. But that's not much better than not trusting the device in terms of the kind of architectures and products you can build.

[illuminate]

"you can't really trust a device, since there is always a chance that it could be rooted. See the long history of rooted game consoles"

How many get rooted without the user's intervention?

[randomdata]

I do not have an answer to your question, but in my mind the targeted attack is more concerning than a random drive-by that hits everyone. That means just one instance is too many.

As another example: In the earlier days of iOS, you could root it just by visiting a website. Who knows how many fell pray and have malicious code running on their devices today? With a targeted attack, you don't even get the benefit of security researchers all scouring over the code like you would with something more widespread, thus there really is no way to even keep track of what might be out there.