Recent intrusive changes in the privacy policy of WhatsApp (including the sharing of never before seen amounts of unencrypted user data with the parent company Facebook) have prompted a mass exodus of WhatsApp users to the secure and open-source alternative Signal. I have been hoping for a change like this for years. I wrote a non-technical blog post about the problems with WhatsApp in detail, comparing the advantages and disadvantages of other messaging apps as well.
Guys, I use and love both XMPP and Matrix however I don’t see masses adopting them in fact I can’t even convince my immediate family to use them. People want reliable push notifications and cute stickers :-) I think Signal is a good compromise, I know it’s US based (I discuss this in the post) however it’s zero knowledge. The code is open source if there were vulnerabilities we would probably know by now…
The problem is that you as average user have no way to confirm that the app on your phone is actually compiled from the published source code. In that regard it would help if Signal was distributed through F-Droid, which compiles directly from source, but the Signal developers have explicitly forbidden that.
You can totally build signal from source yourself or just use their verifiable builds.