They have provided reproducible builds for almost a decade https://signal.org/blog/reproducible-android/ https://github.com/signalapp/Signal-Android/blob/main/reproducible-builds/README.md
They have provided reproducible builds for almost a decade https://signal.org/blog/reproducible-android/ https://github.com/signalapp/Signal-Android/blob/main/reproducible-builds/README.md
Most security experts who actually know what they are talking about do recommend Signal for most users, including [https://twitter.com/Snowden/status/661313394906161152](Edward Snowden), [https://www.schneier.com/blog/archives/2018/06/russian_censors.html] (Bruce Schneier) and [https://linktr.ee/glenngreenwald](Glenn Greenwald). Eveyone should consider whether they would rather follow the advise of people who have literally fought the NSA and read the entire Snowden documents or belive in the FUD spread by some people here.
The entire protocol is build under the assumption that you do not need to trust the servers. Let the NSA have then, it doesnt matter. On the other hand 95% of Matrix users are hosted on Matrix.org which was not only hacked several times, but would be an ideal target for any agency to compromise. Its naiive to belive the big Matrix hosts arent compromised. The only effective defense is to build your system around the assumption that the server is compromised, which is what Signal did.
I would recommend Arch, but only to users who want to learn and understand linux and have the time to do so.
What for? Running on a closed system there is no point to begin with.