I don’t know who needs to hear this, but you shouldn’t trust any development that falls under the jurisdiction of the USA, Russia, or China

I don’t know who needs to hear this, but you shouldn’t trust any development that falls under the jurisdiction of the USA, Russia, or China.

While these countries may have a history of releasing source code, the actual apps or services provided can contain something entirely different.

Open source is not a magical guarantee that the software you install matches the code that’s published — nor that the server you’re connecting to is running that same code.

It’s easy to say “trust, but verify,” but most people don’t know how to do that. And even if you do, it requires constant effort — you'd have to verify every minor update or change. As for what’s running on a remote server or service, that’s not something you can independently validate.

Finally, if you’re living in a fascist country, self-hosting is risky. The weakest link isn’t the software — it’s you. You’re physically present, and so is your data — easily seized.

Ideally, your data should be as detached from you as possible, distributed across multiple national jurisdictions, and hidden behind as many anonymous screen names as imaginable. You should also avoid countries like the USA, Russia, or China, which are widely known for data mining and mass surveillance.