[aeturnum]

None of these suggest you shouldn't use signal - or that it's not meeting its goal of secure communication (except the last one I suppose).

Signal is not without flaws as you say, but if you have a phone number and can access a binary, there's every reason to believe it will securely and privately transmit your messages. You are also, ofc, free to fork their client and run your own service (as others have done).

[krageon]

There is no reason to believe it is secure, as it doesn't have reproducible builds. What you download has binary blobs embedded.

[aeturnum]

Signal has repeatedly been audited[1] so there's more reason to believe the protocol has the capacity to be secure than other options. Obviously if you believe the company is actively subverting their goal, you should use your own fork.

Edit: to be clearer - signal both publishes a protocol (that is thought to be secure) and provides a public service (that claims to use the signal protocol). Signal has claimed that the binary blobs they add to their public client (and the other restrictions) are required to run a public service (anti-abuse, etc). You are free to believe them or not - I do.

At the protocol level, which you are free to use, none of the problems you or the ancestors have pointed to apply. All of the alternatives people are pointing to here are at the "protocol" level - accessible only if you or someone you trust has setup a node. There's nothing wrong with that - it's a good idea - but it's no reason to attack signal's service for not being a protocol (which they also provide).

[1] https://community.signalusers.org/t/overview-of-third-party-...