bitahcold

Thanks for much detailed comment. That helped me alot and answered all of the questions from my head. Eventually, I am not a criminal or activist. Looks like its secure and private enough. At least there is some eyes as Meta, Google etc. I will mind self-hosting. Thank you again for your labor. Goodbye.

I mean fail as error. Like, I did something wrong at commands. I haven't verificated the iso about its valid or not. That's the thing I'm worried about. I asked can I verify with other ways without the iso. But I decided to do clean re-install. Thanks for comment. Goodbye.

Better guarantee it haha. I did nothing except using unnecessary documents and surfing on the net. And maybe some games. I used archinstall for it but now, I will set it up customized and nonscript. Maybe fresh restart would be better. Thanks for the help again. Goodbye!

So sorry for labor. There is a lacking information by me. I created the bootable at my previous OS, so there is no same .iso file. Only extracted version on my USB and installed version that is running on my PC. Can I see the mirror source from the extracted version?

Oh, I didn't know that. I just downloaded iso and iso.sig then used gpg commands. The thing I'm worried about is, maliciousy chance of the iso. I probably used German or French mirror to download the iso. Then, failed the verification. I am using unverificated iso's Arch Linux now. Can I know if I had any tracker, keylogger or mining software etc. ? Usage is normal and smooth as how it have to be. But idk.. Just worried. I still have the same bootable USB that the iso was extracted into. I have a FreeDOS unnecessary PC. Can I verificate the bootable by executing any verification command while I'm at the installation process? Or, can I verify or check my operating system's originality at post-installation era of my main PC? Thanks for comment.

I did download and set the bootable at my previous OS, Fedora. Now the iso is not reachable and I forgot the mirror that I downloaded from. I still have the usb card I used for installation. Can I do any verification over it? Thanks for reply and relaxing info.

Thanks for reply! I have a Samsung phone that De-Googled %100~ (exclude some important Android depencies based on Google). I restored GMS for auth in Signal. After the auth, I uninstalled it back. There is no Youtube, no Google - Chrome, no Spotify etc. Just FOSSed and de-Googled phone. Do I still using Google Services indirect ways because of Signal? Is it possible to be another third-party sharing except phone verification?

Most sane CS player.

Thanks for information. I was thinking about self-hosting nowadays, that will make it quick. Goodbye.

I understood clearly what you said. Thanks for detailed text. The protocol uses end-to-end encryption, yes. But, I didn't understand what type of information is being leaked. Do you mean e-mails, phone numbers, profile pics etc. as metadata? If I use another server or self-hosted server, can I avoid the leak. And not only matrix.org, Element uses same types of informations. Element's permissions was a bit high in Android, Flatpak etc. I'm using Element on my GNU desktop and not on phone. No phone number, no profile pic, no e-mail; only username, server and password. Do I still give information?

Thanks to previous comments, understood the thing I was wrong and decided to use Arch relaxedly. Now I'm using Arch. Thanks. Have a nice day.

I can say I don't have enough experince to say anything about different distros. Its my first year and I didn't changed OSs too much. I want to get new experiences and different types of things. And I liked that labor-needy and fully-controlable vibe of Arch. And just decided to Arch but I was worried about sths. Thanks to previous replies, I understood what I have to. Thanks. Have a good day.