I don't think you missed anything. I don't see any reason to trust blackphone more than a properly configured Nexus.
The OS might have some neat UI for privacy stuff, but fundamentally if it's closed source and has a closed baseband (afaik, there's no phone with an open baseband), then there's no real security.
Is there no middle ground? Doesn't a device that changes your threat model from 'passive dragnet' to 'active compromise by a nation state' have some value?
The OS might have some neat UI for privacy stuff, but fundamentally if it's closed source and has a closed baseband (afaik, there's no phone with an open baseband), then there's no real security.