Hacker News
by zzzcpan 2180 days ago
There is a huge difference between relying on libraries or independent implementations of software in the form of source code that may or may not have bugs, and relying on an organization that sends binary blobs to you, that has to keep their development process secure, infrastructure secure, physical security, developers not compromised, backdoors not forced through laws, state agencies not threatening and forcing them to implement backdoors, etc. OpenWhisperSystems essentially asks you to trust they can do all of that, but of course they can't, while an open source PGP implementation doesn't ask you to trust them and rely on their competence in running highly secure infrastructure. So, don't be fooled by the propaganda organizations put out; there is a huge difference in what you can rely on, and Signal here is exactly as weak as EncroChat.