> Device compromise is outside the threat model for Signal or any software for that matter.

I agree about Signal - that's what they say iirc. Some software does take it into account. The point here is about security depending on much more than cryptography mathematics; Signal is just an example.