I don’t see refenece in this article or any others, but how did prosecutors get access to SBF’s Signal messages?
Was it simply a court order that he unlock his phone (and agreed), or a codefendant who flipped to the prosecution and handed over the thread?
For your use case, running a VM on your desktop should be sufficient. The VM could have disc encryption. So when you’re letting somebody else use your terminal, they can’t access your interesting messages.
Hyper-V has this built in I believe, QEMU does it as well, UTM on Mac OS makes it pretty easy. But there’s a thousand different ways to skin this cat
Most sensible way in my opinion would be for the Signal app to have a PIN and encryption on desktop, just like it already does on the mobile apps.