I've decided to stop using Signal for my private conversations. This decision comes from a broader reflection, also informed by the discussion on the forum, where it becomes apparent that over the past few years Signal seems to have gradually softened both its ideological and practical distance from ecosystems like Google.
Even if the exact details are not always transparent, it is clear that something has changed within the structure and governance of the foundation, and that this shift has significantly influenced the direction of the project. These changes raise legitimate concerns that, imho, cannot be adequately addressed by simply repeating that everything is end-to-end encrypted.
Saying "communication is encrypted" is not sufficient to meet the standards of a true zero-trust model. There are still unresolved questions regarding metadata exposure, infrastructural dependencies, and the overall transparency of the system, and these issues cannot be dismissed with overly simplistic assurances.
A recent example that reinforces these concerns is the introduction of encrypted cloud backups. While they are designed to preserve privacy through strong cryptography, they also introduce persistent user data on Signal's infrastructure and increase the overall system complexity. This does not necessarily mean that Signal can access user data, but it does imply a shift away from the original principle of minimizing server-side state.
For the time being, and until I am able to fully migrate away, I will rely on Molly as an alternative. It is a solid option and aligns better with certain security and control requirements, although it is not, by itself, a complete solution to all the concerns outlined above.