Regarding Navi's argument, Nokia
say the following, which seems to be relevant:

"Instead of a multi-user system such as a traditional Linux desktop, maemo is considered a single user desktop system. The security model in maemo is focused on protecting
the user from remote attacks and from his/herself, not from other users. Maemo also uses suid root binaries and /etc/password where as Ubuntu enforces the use of sudo
and shadow passwords.
Unlike Ubuntu, maemo makes use of a root account like Debian does but has a trivial default password. The user should really change the root password before installing
e.g. OpenSSH to the device with root login."

So in fact, rather than there being the defense that Navi imagines, it seems that a rogue application could easily become root on most NITs - assuming that the platform has managed to sell reasonably well to people who aren't Debian developers.