There are many arguments for and against sudo etc... But the simplest is this:

Every Unix box has a root user. It may be disabled or not used but it is a common feature. Root is a "known target".

To hack your personal account on a unix box they have to guess your username and your password.

Actually I run the ssh daemon all the time on my 770 so I can do scp commands to push a file easily. But I gave user a password and I set up my system to authenticate using keys to make the process easier. If I was really security paranoid I would disable password login to ssh and require keys. Good luck hacking that. I'm sure it could be done but the level of effort it would require would not be justified on my system.
David