Could you expand on this? How would I securely communicate from a device that, say, has a kernel level implant? This is one of those cases where SGX/TrustZone would be immensely helpful but nobody has built a messenger that actually somehow fully lives in an enclave.
If you assume every device you use is compromised, how can you possibly use any encryption?
I don't think so. While I am not sure about what "devices" means it's common practice for example to assume your root password is always compromised. The consequence here is that you don't allow remote, password-authenticated root.
On a similar note services and networks should be treated as compromised as well, meaning you must use encryption, authentication and in general make sure to limit attack surface.
And all of that boils down that you should make sure you should not rely on services, users, etc. don't for example access personal information they are not supposed to access.
After all the problem with things like Ransomware is exactly that this isn't assumed.
