
Comment What about gamers and government agencies? (Score 1) 19

What about those who need to work with sensitive and/or confidential data?
What about latency-sensitive tasks like games? (Can't run a proper game of Tetris this way)
What is going to run on those clients?

All of this makes me convinced that this is just another instance of the latest fad.

Comment Re:Prove it (Score 1) 87

Bold claims need bold evidence. They need to show it not say it.

That kind of logic is usually valid, but it does not apply here. This is a serious and well-known company that is known to sell working cyber weapons like this one. If they claim this works, you have to err on the side of caution. Thus you have to assume that this works and that Signal is broken now, and therefore you have to re-evaluate your threat model and switch to different products if needed.

Comment Re:Bloat (Score 1) 43

In general I think this is a good thing. It makes technology nicer and easier to use for the masses, and in a pretty secure way too. In general they don't know how to install extensions in browsers, but they are smart enough to plug something in. The cast stuff is great for those people. It also means that the cable companies will lose subscribers and that fewer HD-receiver boxes will end up taking space in the landfill after about one year of subscription. The casts are smaller and will simply have a higher longevity than most other junk. Also, in 10 years no one will have a cable subscription anymore and we will be much closer to a sci-fi scenario in which you can push anything from your phone to any screen, everywhere you are. If it requires a closed source ecosystem and some bloat to get there, so be it. At some point in time either Alphabet will provide an API or someone will reverse engineer it.

Comment It's not the firewall's job to fend off malware (Score 2) 87

If you are using a firewall to defeat malware you are just plainly doing things wrong. The only thing a firewall should be doing is to detect and block (D)DoS attacks and connections to and from IPs on ports you don't want or you are sure you don't need, while allowing connections from other IPs and ports you actually do need. If you really need to analyse all the traffic in your network, install your own root CA in the endpoints and just MITM everything which needs to be on there. But you should seriously consider the implications of what you are doing, because you are basically circumventing everything that groups of people way smarter than you have been putting in place for decades.

Comment Re:Secret Software? (Score 1) 227

Checksums won't work, but you can actually compare the instructions in the binary that are run. So if you can dump the memory of your car, you can compare a signed version against a compiled version, given that the manufacturer provides you with the source in the right way. A lot of ifs, but it is doable if you really want it. It will take a lot of man-hours though, but that's just the way it is.

Comment Yes, but it depends on the level of danger (Score 2) 93

Yes! I think airlines and all companies exposing the public to potential life and death situations should definitely give a post mortem when critical systems fail, regardless of whether they are mechanical or not. However, if your local supermarket had a crash of their inventory management system, would you really care? No, you probably would not, because you will still be able to pay with cash and take your goods anyway. I think the line should be drawn somewhere near exposure to mortal danger. Therefore every company offering some sort of transportation service should be as transparent as possible and should have near-zero privacy.

Comment Re:Non-sequitur (Score 1) 150

Ultimately the only secure 2FA is a dedicated hardware token that requires biometric authentication to function. Anything less than that is insecure, the question being merely whether the insecurity reaches the point of being unacceptable.

I would not use a hardware device with biometrics, since you can be forced to provide those. I'd rather use a hardware token which requires a PIN to function and which only allows you to enter an incorrect number a few times before it wipes the key.
