Well, CyanogenMod is pretty much the standard for Android firmware (regardless of where it came from), and it is built from the Google source tree. It isn't anonymous hackers, so lay off the Kool-Aid.
Hell, Samsung hired the founder of CyanogenMod and even gives them devices to test with. Pretty reputable bunch really. You also don't understand how a rooted phone works. If any application wants root, there is a big ol warning prompt telling you that "Application X wants root access, allow? " Stuff can't just run as root without you having to allow it. Basically it works just like Ubuntu and Win7 for administrative prompts.For any of the aftermarket Android ROM's, all the source code is out there to look at, so it's kinda hard to pull a fast one. XDA is also a pretty tight community, so a bad apple would get kicked out kinda quick. On the other hand, the iPhone still has security issues lurking in the middle of it which is what allows jailbreak, and Apple can't do anything to secure them until at least iPhone5. Last company I worked at, wouldn't allow iPhones to sync due to inherent/unfixable hardware security issues, but Blackberry and Android devices (rooted or not) weren't impacted. In fact one corp app required root access, so that wasn't a problem.
