The app is open source and you could do something like a proxy or similar if you really want to be sure of what get sent from your client. The server is also open source too.
As moxie said, it's about raising the defaults of the world, not about making it secure for the crypto nerd.
> As moxie said, it's about raising the defaults of the world, not about making it secure for the crypto nerd.
The thing is, the attacks in the "crypto-nerd paranoia" category tend to become everyday attacks over time. Pre-Snowden, most people would put a lot of the things the NSA is doing into the "crypto-nerd paranoia" bucket. Now we know they were wrong to do so.
Signal routes all conversation metadata through one infrastructure, which becomes a very tempting target. By also requiring phone numbers as identity, they make it very easy to tie that metadata to real people and perform graph analysis on it.
As moxie said, it's about raising the defaults of the world, not about making it secure for the crypto nerd.