I think they understand that quite well, that's why when security gets in the way they just find a way bypass it.

Security has to be usable, if it's not usable then (almost) no one will use it.

Systems like Signal and WhatsApp show that that's not necessarily true to the degree of previous solutions.

I think that the analysis is a little more involved than that. Roughly, I'd say that at any given point you can make "trivial" tradeoffs between security and convenience. However there can be some groundbreaking advances in one that don't cost you on the other. And then that point you may be able to do a "trivial" rebalance if you'd like.

> Systems like Signal and WhatsApp show that that's not necessarily true to the degree of previous solutions.

I dunno if I'd really believe that until either company is willing to put a rising bounty starting at say $10 million USD for a real* break. Then we'll see.

*not due to user carelessness or social engineering

They only manage that by compromising on other fronts. That is not an option with E-Mail.