I've raised concerns about the Signal project whitewashing risks such as keyboard apps or the OS itself, and the usual response is that it's my fault for using an untrustworthy OS and outside Signal's scope.

At some point there need to be a frank admission that ETE encrypted messaging apps are just the top layer of an opaque stack that could easily be operating against you.

They've made encryption so slick and routine that they've opened a whole new vector of attack through excessive user trust and laziness.

Encrypting a message used to be slow, laborious and cumbersome; which meant that there was a reticence to send messages that didn't need to be sent, and therefore to minimise disclosure. Nowadays everything is sent, under an umbrella of misplaced trust.