Signal didn't back up contacts and settings to their servers until they implemented "Secure Value Recovery", which relies on SGX to rate-limit guesses of a weak PIN. If SGX is broken and Signal's database falls into the wrong hands, encryption keys could be brute-forced pretty quickly (most people have 4-digit PINs).
Its not perfect, but the more people in on a secret the harder it is to keep. Its much harder to have to coerce both intel and signal (even if you hack intel, you would still have to modify signal's servers from what i understand) than just signal.
NSLs are a subpoena. The government can't order you to include a backdoor. Granted, they have other leverage they could use, like export licenses or purchase contracts.
> The government can't order you to include a backdoor.
Right, but it can order you to turn over your private keys, like it did to Lavabit[0]. Intel might instead voluntarily hand over a signed backdoored firmware, targeted at a specific set of CPUs, rather than the keys themselves, which could do more damage if the government lost control of them.
Similarly I don't suppose it would be much harder for the NSA to get access to the physical servers that Signal is running its software on. Perhaps you could say that merely having the access credentials wouldn't be enough information for the NSA to take control of Signal's servers without them noticing, but any cloud provider that wants to do business with the government surely has special backdoors that make this easy, when presented with an NSL.
