yes and some of that data is already in other comments here
One thing to learn on the internet is to never ever go into the comments section
FTFY
I've always said CoCs are often just a false flag used to handwave dictatorship behavior away while hiding behind colorful interpretations of subjective terminology.
real linux-libre distros do not offer microcode packages because they are non-free
And never open your front door for any reason. If the cops or anyone else really needed you that bad, they'd be busting the door down anyway and you're already fucked six ways to Sunday.
Also cameras. Lots of them. Different brands. Offline recording. INSIDE AND OUT. Ask me how I know.
I would argue they're not safe to use because they block security updates like CPU microcode in the name of absolute freedom.
I'll take stories like this over the usual stuff any day.
F-Droid not being trusted. They build and sign a developer's code on their behalf, so there is a chance for injection there.
There are reproducible builds, but I would argue it's not taken seriously enough. Like right now nobody is publicly verifying Signal's supposed reproducible Android builds and they've historically had problems keeping it working.
Also how most (or all?) Play Store apps (including FOSS) contain proprietary code.
I assumed the topic was more about online privacy.
You can use your own builds of Signal (or preferably Molly-FOSS) including a self-hosted server. You can bring your own push notification as well.
It is when you're responding to people who think 5G is turning the frogs gay and activating hidden vaccine microchips.