Even if Signal's encryption implementation is secure, the device on which it is running probably doesn't satisfy TEMPEST requirements. Most consumer crypto is vulnerable in some way to a side-channel attack.
None of that matters if Signal is running on what is effectively a personal device connected to the internet. That device is now the weak link and is what intelligence agencies in many countries are now probably trying to get into.
Exactly. And Pegasus is what we know about. I'm sure there's plenty we don't know about that's used for more high profile targets, like former Fox News hosts.
