Well. I personally am very annoyed that i can’t choose a specific pin for signal. That means my kid can read my messages, because yes… Keeping password from a child is neigh impossible. But my pin for element, fairmail, telegram he don’t know.
So i get a lot of the criticism. For me personally, it’s still a matter of trust. A future malicious molly version might eavesdrop. Signal will probably not do so.
Encryption at rest on an unlocked phone is probably a hard problem. But if somebody is targeting me to that extent, i am probably toast anyways.
I try to create enough usage so that journalists and activists can hide in the mob, and i can hide from fang.
I use element, but do worry about the local server implementation and leak of metadata.
My confidence in signal is greater than my confidence in a random fork. Privacy is hard… So I feel it’s better to trust something less than ideal, than to trust a random dude promising to solve all problems…
Not sure I trust a random repo here. I dont have the skill to look through the code. In this regard I prefer - after all - gboard. The changes me login credentials get stolen by google are smaller than the chanches I am duped into installing a random keyboard from github. Just based on my threat model and my skillz.