What if it only does it at a much later point in time, or slowly via adding data to other comms channels? What if it only does it for small payloads by padding packet sizes to 1k? There are so many ways to get around this, unless we have open source and reproducible builds.
The point isn't to nab every thought-to-be-encrypted conversation on Signal. The point is to evade detection while compromising high-value message streams. Stepping through with a debugger is never going to execute the feature-flagged "pwned" mode.
