Signal I think. I don’t mean that the end2end algorithm or messaging itself are itself unsafe, the algo has been shown to be secure. This is what people usually rebuke this with, with the reminder of Signal’s OSS nature.

The issue the servers and the social networking data that can be harvested. The server code only partially exists in public and we just have to trust that that is actually what is running on whatever AWS server without tampering and self hosting is nearly impossible in practice if technically possible and nobody does it. The social network data (who talks to who) is more valuable than the actual messages logs, which give a massive, but mainly useless datasets. Until LLMs, like 10-15 years ago they were basically impossible to parse for any useful info without using large quantities of eye pairs. Basically if you are an organizer, criminal, government, part of a hunted opposition, you will leak the whole core group structure of your org with attached phone numbers. Whoever with that data can then target their devices and persons with other means. Plus it’s literally built on top of CIA money. I think signal is totally safe and adequate for friends and family type of use, but not much else, but then all in all so is whatsapp, mostly since signal and Whattsapp share the same end to end algorithm.