Lots of assumptions there, but you're right. However, it's common wisdom that no encryption survives someone getting physical access to the device, and bringing said device within bluetooth range of fedboys is equivalent to handing it to them.
Yup. There's a reason it's common knowledge you should
NEVER bring anything besides a burner phone and a burner laptop with you if you ever attend a DEFCON. It'll get hacked anyway, but at least it's got nothing important or sensitive on it.
As for your other points, I can shed a bit of light.
1: They can't actually mandate OS updates, but they
can mandate carrier-specific cellular radio software (it's a separate bit of firmware from the bootloader and OS). Typically they don't do this (there's an agreement among GSM modem manufacturers and telecoms regarding version numbers, minimum required features, etc., and that feature set includes "always-available 911/emergency service," "FBI backdoor to auto-activate microphone recording even when main device is powered off (or your country's equivalent)", and whatever minimum handshakes are required to register to (and operate with) the network itself.
2: Apple has had backdoors from the beginning. That high-profile incident years ago where Apple "stood fast" and refused to divulge encryption keys to the feds to force-unlock a phone was nothing but press and hot air. Android was more secure to start with, but because it's open source and every manufacturer bakes their own, assume it's wide open. Samsung, Motorola and Google all openly cooperate w/the feds.
3: 100% correct. Unless they're literally distributing these things on-site pre-protest and collecting and scrambling them after the fact (on-site), the first time one of these things hits a protest, it's "contaminated" and leads straight back to each protester's home with 1-meter precision.
4: Signal is the exception to the rule. Assume no application on a mobile device is secure. Even if the apps are using HTTPS for their API calls, the OS can happily eavesdrop anyway, and besides, all the major apps and games (Discord, Facebook, Instagram, Roblox, Fortnite, Minecraft, etc.) all record all conversations and auto-narc to the feds anyway.
The great Achille's heel to all these clever little "cells" is they're using electronics to coordinate their movements, and that
will always eventually be infiltrated or compromised. It only takes one bad actor to expose everything, and even with apps that "delete history on close," things have a way of being recorded and archived anyway. The Weather Underground was a dangerous organization in the 70's because they mostly organized things (loosely) in person among trusted people in known-safe locations. Traceable electronic communications were non-existent.
This lot? They're so addicted to their phones and other gadgets they're all leaving an electronic snail trail a mile wide. It'll only take a sufficiently pissed DOJ or DHS or FBI or whatever to start sniffing, and there won't be any escape when they do.