Could use a hardware LED to inform user key input is secure. Could also reserve part of the screen for OS messages.

This prevents hostile apps from stealing your root password, but doesn't stop them from tricking you into giving them root access (which is nearly as bad).