

I’d absolutely qualify it as non-secure in this context. Signal is E2E encrypted but there are no systems in place where it understands who’s added to a chat and validates access based on ACLs or anything. Authorization policies are critical in securing systems.
Source? Really dislike all these unsubstantiated claims everywhere.