[vore]

The Signal client has always been open source: you can inspect precisely what the client is sending to the server (if you trust the source). If you're not sending undesirable information from the client to the server, no amount of closed source-ness of the server is going to get that from you.

Signal has always been transparent about what information get sent to the server: https://signal.org/blog/private-contact-discovery/

Even if some adversary is doing some kind of correlation to glean metadata from your traffic, they are definitely doing the table stakes here to preserve privacy and not just send your information off willy-nilly.

[yieldcrv]

yes, we can transparently see that it is a failure of a solution due to having our phone number and check this out: Signal's application isn't the only participant in Signal's application we don't want having that

speaking of dense exotic matter https://en.wikipedia.org/wiki/White_dwarf

[_8j50]

Backdoors are funny that way, sometimes the client operates correctly but a weakness in implementation can be abused by the server. Not that i know or think this is happening but they do insist on that phone number at all costs which these days is more identifying than a finger print which allows targeted exploitation if the server facilitating connectivity was hostile for whatever reason.