I’m not sure I follow. You’re asking them how they know their own impression of something?

That would be a fair question, we generally don't come to our impressions by random choice alone. My guess is the value of the vulnerability on the black market would be significantly higher and Apple could afford to compete with that better if they wanted. Only the GP could tell us the reasoning for their impression though.

Which part? I feel that arbitrary code execution with root access is a pretty extreme thing to accomplish. But I might be mistaken!