But nothing is sure until it is confirmed.
Neither are bitcoin "confirmations".
Rely on good intentions at your own peril. Different people in different situations will have different levels of acceptable peril.
Everyone does a risk-cost analysis, and even 6 confirmations has risk; 3 confirmations as well, and even no confirmations.
My point is to note that network propagation can and should be used as a parameter in software developers' cost-risk analysis, because for the reasons stated above it offers less cost (time) per risk (chance of fraud).
We think that your assumptions are mostly correct, for now.
These things may of course change over time, but that doesn't mean the network (or in this case, just the client software) can't adapt.
EDIT: It's worth noting that such behaviour of miners' preference for transactions can be monitored easily and quickly. By simply trying to double-spend on yourself (send a transaction to address A, wait for 95% network propagation, then send a transaction to address B), a general trend can be recognized.