One more comment: If I understand this correctly, the Trezor use case for signing transaction never reuses adresses. If k=1 was used all the time, only the private keys of the dead address will be revealed. There is still no known way to steal your BTC in this scenario.
iirc knowledge of any deterministic private key compromises whole seed, all addresses
http://satoshilabs.com/news/2013-10-31-celebrate-day-of-bitcoin-with-trezor/#more-206will you update the number of stolen or lost coins?