Thanks for much detailed comment. That helped me alot and answered all of the questions from my head. Eventually, I am not a criminal or activist. Looks like its secure and private enough. At least there is some eyes as Meta, Google etc. I will mind self-hosting. Thank you again for your labor. Goodbye.

Oh, thank you. First key didn’t work but the second did. That helped me very much. Thanks for help again, goodbye.

+Visited the AUR site of Arch about librewolf-bin. Executed commands that pinned user recommended. But there is another error.

Used commands

gpg --keyserver hkp://keyserver.ubuntu.com --search-keys 031F7104E932F7BD7416E7F6D2845E1305D6E801

gpg --keyserver hkp://keyserver.ubuntu.com --search-keys 662E3CDD6FE329002D0CA5BB40339DD82B12EF16

The error for both commands

gpg: error searching keyserver: Connection closed in DNS

gpg: keyserver search failed: Connection closed in DNS

Do I have anything to do with my ISP? Or only local problem?

I mean fail as error. Like, I did something wrong at commands. I haven’t verificated the iso about its valid or not. That’s the thing I’m worried about. I asked can I verify with other ways without the iso. But I decided to do clean re-install. Thanks for comment. Goodbye.

Better guarantee it haha. I did nothing except using unnecessary documents and surfing on the net. And maybe some games. I used archinstall for it but now, I will set it up customized and nonscript. Maybe fresh restart would be better. Thanks for the help again. Goodbye!

So sorry for labor. There is a lacking information by me. I created the bootable at my previous OS, so there is no same .iso file. Only extracted version on my USB and installed version that is running on my PC. Can I see the mirror source from the extracted version?

Oh, I didn’t know that. I just downloaded iso and iso.sig then used gpg commands. The thing I’m worried about is, maliciousy chance of the iso. I probably used German or French mirror to download the iso. Then, failed the verification. I am using unverificated iso’s Arch Linux now. Can I know if I had any tracker, keylogger or mining software etc. ? Usage is normal and smooth as how it have to be. But idk… Just worried. I still have the same bootable USB that the iso was extracted into. I have a FreeDOS unnecessary PC. Can I verificate the bootable by executing any verification command while I’m at the installation process? Or, can I verify or check my operating system’s originality at post-installation era of my main PC? Thanks for comment.

I did download and set the bootable at my previous OS, Fedora. Now the iso is not reachable and I forgot the mirror that I downloaded from. I still have the usb card I used for installation. Can I do any verification over it? Thanks for reply and relaxing info.

It has end-to-end encryption for messages and its clear. But, I haven’t looked at their source code yet and don’t know which types data they send. Not only contacts, maybe more spesific things that is not encrypted. Just wanted to know it. But its exact that they give our numbers for verification. Thanks for comment. Goodbye.

It is a bit complex but at least we can say its safer than Meta. Still looking for sources and if I find something clear, I will add here for other Lemmiers. Thank you and Goodbye.

Thanks for reply. I know I can’t be totally free from Google. I mean de-Googled as the packages and direct services. My phone model is don’t compatible with popular Custom ROMs like Graphene, Lineage, Calyx and /e/ etc. And don’t want to use unofficial ones. I mind buying a compatible phone or Pixel. Thanks for advice. Goodbye.

Yes, I did updates and I’m updating my system 3 days to 3 days. I tried all ways that is possible for me. Tried the bin version and normal version. Used yay too. I will delete Librewolf and try it again. Will add the error message. Thanks for your comment. Goodbye.

Idk is there any privacy or safety issues and looking for it. But the app is working as normal. Fast, all features included and getting updates normally. And should I do something about the editing the title or is it solved? Thanks for comment.

Thanks for reply! I have a Samsung phone that De-Googled %100~ (exclude some important Android depencies based on Google). I restored GMS for auth in Signal. After the auth, I uninstalled it back. There is no Youtube, no Google - Chrome, no Spotify etc. Just FOSSed and de-Googled phone. Do I still using Google Services indirect ways because of Signal? Is it possible to be another third-party sharing except phone verification?

There was Arch Linux option and Flatpak option for Discover to download Librewolf. But the Arch Linux option was unable to click (I think its the same problem), so I used the Flatpak one. I have downloaded some apps from Flatpak too, what are its major cons? I didn’t know about the package installers differences, but I will research for it. Thanks for important info. So, what you think about the gpg problem about DNS? Some forum says its because the Tor connection but I have nothing about it. What should I do?

I checked but not totally understood as a newbie… I fixed it using Discover app from KDE. But thanks for helping. Goodbye.

No, just cant import the keys. I tried for librewolf-bin and librewolf but it only says gpg: keyserver receive failed: DNS bla bla (I just typed it from my head but it was something like that). It gave DNS error but don’t remember it. But I fixed it by using Discover app from KDE.

Most sane CS player.

Thanks for information. I was thinking about self-hosting nowadays, that will make it quick. Goodbye.

I understood clearly what you said. Thanks for detailed text. The protocol uses end-to-end encryption, yes. But, I didn’t understand what type of information is being leaked. Do you mean e-mails, phone numbers, profile pics etc. as metadata? If I use another server or self-hosted server, can I avoid the leak. And not only matrix.org, Element uses same types of informations. Element’s permissions was a bit high in Android, Flatpak etc. I’m using Element on my GNU desktop and not on phone. No phone number, no profile pic, no e-mail; only username, server and password. Do I still give information?