I care because Signal is the kind of insecure app that gets people into trouble. I live in Turkey, with an authoritarian government. Security is a very importan topic for us, and Signal is just a sad joke.
Signal has a huge vulnerability: because Signal uses phone numbers, it leaves Signal users wide open to government retaliations and crackdowns. I can not recommend Signal to anyone living in authoritarian regimes.
This is the core issue. Signal devs refuse to acknowledge or fix this, which discourages people from using Signal.
You don't need phone numbers to find people. Usernames have been a thing long before phone numbers crept into the internet.
The most dangerous thread vector is the government forcing you to unlock your phone, and reading your messages. At which point using phone numbers becomes a huge problem.
Fancy encryption doesn't matter when it's obstruction of justice to refuse to unlock.
It's the threat model. E2E encryption is a niche 'nice to have'. Protecting the anonymity of people who have said nasty things about politicians is the most important thing a chat app needs to do. Signal is security theater until they fix this.
A phone number uniquely identifies a person because in most of the world you need a government ID to get a phone number or a SIM card.
Which means that if one account is compromised, then everyone that person talked to is also compromised. You know what they talked with whom. It's an incredible security risk that Signal devs refuse to acknowledge or fix.
E2EE isn't the magic solution everyone claims to be: https://xkcd.com/538/