Signal being an American company is also problematic.
These two are the best balance of security/convenience, however.
server location and legal jurisdiction shouldn’t matter for any truly secure messenger
if a messenger is truly 0 trust end to end encryption, it doesn’t matter who owns the servers or the legal protections of data because they won’t have any data anyway. that’s why signal is so good, when they get subpoenaed the only information that they actually have is the last connection and message sent unix times or something. still secure regardless of being in the US and being run on centralized Amazon, google, and cloudflare servers.
Interesting. Are the server and client open source? Is a self-hosted server interoperable with the main ones?
Signal is completely open source and auditable by anyone: https://github.com/signalapp
if you were to create your own clone, it would not interoperate with the real one.
