Fediverse

Jurisdiction is not that important. Even if it was in Switzerland it'd have to comply with international law enforcement and warrants. The key is that sure Signal is obliged to give out whatever data it has, but the point is that it doesn't have much useful data to give. It's the same as Mullvad, and a far smarter approach than "lol we just gonna ignore the warrant huhuhu look at us we host somewhere in Shitzerfuck" (oh btw "We are in X country which is not in N eyes" is just marketing).

Oh and btw the same goes for instances of the fediverse (which are ran by volunteers you need to trust), and if they don't comply and the US government really wants to break into them they probably will find a way. Doesn't even need some complicated backdoors or anything it just needs to find an OPSEC slip-up, do some social engineering, arrest someone or at worst find a bug to exploit, and I can guarantee that unless you have some serious security wizards running your instance you're not beating the FBI there and if the FBI is really persistent and focused on you for some reason then the wizards won't be enough you need state actors.

If your threat model actually includes the US government (aka you're actually in danger and not some paranoia or just-in-case situation, be realistic with yourself) and there's credible threats you may be targeted by it or other governments then you're probably going to be using tor, briar, all that jazz, and wouldn't be on lemmy. If you're just some guy who just needs to message your family and shit Signal is perfectly fine, I can tell you that unless you're a serious threat to the government they won't waste resources cracking down ways to capture you via signal or whatever you use that is even somewhat secure (so no telegram, no WhatsApp, no messenger, etc), even if you're a minority or activist, if not because you're not important enough then because they have other easier ways to do it.

Edit: oh and btw Signal was banned in Ruzzia (a country way more authoritarian than the US currently is) because the FSB couldn't crack it so that goes to show it is pretty secure.

Signal is open source. They absolutely do always comply with US warrants. They have never provided any information to US law enforcement, because they can't access it. They literally have no way of accessing the information contained inside the texts. The most they could provide is metadata, but they currently aren't collecting that. I also think if they started, it would not work well for their user base. You can see all their requests for information, and the responses they gave, here: https://signal.org/bigbrother/

There is also simplex chat

Is Threema still a good option? Anyone know? I know it's not a fediverse instance just a secure messaging platform. On that note though, can any federated platform really be used as secure messaging? Or is it too open?

Let’s say the US gov starts agressively prosecuting dissidents and certain minorities (they already do): can and should we still use signal in this case?

Definitely no. Russian government already is aggressively prosecuting dissidents and you can't join Signal there. I don't know whether it's due to sanctions or if the government is blocking 2FA SMS messages. In either case, it is impossible to join without a phone number confirmation. At least I wasn't able to. I don't see the USA being that far off with all the recent TikTok drama.

We should stop being naive. Immersing ourselves as a society into facebook and twitter significantly contributed to the shit situation we are in now. Going to Signal seems like a short term solution. We should have some idea where to go on the long term.