Risk of revealing their attack and losing whatever exploit made it possible, if nothing else. The stuff Citizen Lab has published is also making problems for some of the companies selling spyware

I don't mean to be snippy, but this is kinda what the whole Cold War was about. There were constant consequences for the spying. For domestic I think we can point to Watergate, Contra Affair, Snowden Leaks. I have some more recent examples but I think mentioning them will result in arguing and move from the topic at hand. You may not agree that the consequences were severe enough, but there were consequences. I think there's also a strong bias in that consequences take place after (often months or years) and there's less attention given to them so we often aren't even aware. But if consequences do happen, it does mean the rage machine was effective even if far from optimal. Worth noting that there is a danger in lack of attention to consequences, since it can lead to apathy and thus actually enable consequent-less actions in a self-fulfilling prophecy.

There were several instances when a person of interest suspected something's wrong with their phone and knowing they can be a target of a government surveillance they promptly submitted their devices to security companies. That's how some zero-days were uncovered by Apple.

I think you and notpushkin are perhaps missing some of the "economic" angles on this. It's not just about the what, it's about the how. High value targets are highly likely to be following decent practices and at least staying up to date on software. Which implies that cracking iMessage would require use of a 0-day, of which there are not an infinite number at any given time, and which Apple will immediately eliminate forever if they discover it. Part of the point of highly targeted careful attacks is to stretch those out, it's not just about keeping the target from knowing (though that's not irrelevant), it's also about future targets.

So as with a lot of matters in intelligence work it's subject to cost benefit calcs. If using it against a given target means they are incredibly unlikely to notice and it can then be used again and again, it doesn't take much target value for a government to deploy it which pushes towards more mass use. On the opposite end if using it means it will immediately become useless ever again, then the expected target value has to at least exceed the market cost (which itself will rise more quickly if 0-days are being consumed more quickly vs production), every time. In between is a spectrum of less or more use. Apple wants it as far towards "use it and lose it" as possible, but Trevor Perrin's argument makes sense here: even a relatively small increase in percentage of "use it and lose it" amongst the population could significantly change the mean weighted cost for threat actors.

If they could know for sure whether a given counter measure was deployed that'd reduce the cost again, but if they can't there is indeed a population benefit. It's like a mine field, there don't have to be that many mines scattered around to really hurt people's willingness to cross it!

Has warrantless mass surveillance really become so normalized that such gross violation of people's rights is just casually brushed aside like some unsurprising everyday occurrence, so common it can't be helped? Lawyers and journalists are people too, they're citizens, human beings with rights and they don't deserve to be "monitored" by anyone. If "everyone knows" they're being monitored, why is nobody doing a thing about it?

All these three letter agencies operate in the darkness and away from the public eye. That's where they belong, because what they do to their own citizens is supposed to be unconstitutional. If they've really gotten so brazen as to operate openly instead of clandestinely and are still enjoying complete impunity then there really is no hope left.

You're supposed to meet up with that contact and verify the new key.

If even 0.1% of users did that, it would be 2 million verifications. And yet nobody has ever announced they have found a non-matching key.