Yes, you are correct. The solution is to build systems that function such it is incontrovertible that they have been compromised when they have been made to be compromised.
Build systems that function a certain way when they are unaltered, and when they have been altered they exhibit a different behavior and there is no way around that behavior.
And another way, as I’ve already said, is to facilitate the end-user to fulfill their own privacy in a simple way, like https was supposed to be. The end-user is “in control” of their own privacy, because of the way the software was designed and interacts with them, but the provider is not-in-control of how those features play out… just acts as a guiding light. Like how the power company gives you the juice, but they don’t dictate how much or how you use it.
