There is https://hypersomnia.xyz/ but it is 2D top down. Pretty tactical though.
poVoq
It's likely Cloudflare related. Some of the larger instances are behind that, but many of the smaller ones aren't. Cloudflare isn't only a problem for VPN users, so its a good idea to avoid those instances as a user. You can still interact with their communities via Federation.
Wordpress is a pile of decades old php code* that is held together with string and tape pretty much.
*php isn't the problem itself, modern php is actually pretty nice.
Given how crufty Wordpress is, I don't even dare to imagine how bad the Tumblr backend must be that this is seen as an improvement by the developers.
No, they found some billionaires to do it 😉
There is also Google maps integration. Sure, it's not mandatory anymore, but if you install the official Signal app on a phone with Google play services installed, you are effectively not running an open-source app anymore and this potential backdoor is also not noticeable with reproducible builds.
F-droid has strict rules in place to prevent these sort of things for good reasons, thus the original comment is not entirely wrong in saying that an app that claims to be open-source, but can't be made available on F-droid is a red-flag.
The external Google dependencies I am talking about are loaded into the client not the server, so that's an entirely different issue.
I'll leave it up to you to decide if that is bad or not, but one of the reasons the Signal app can't be put unaltered on F-droid is because it loads in external dependencies from Google at run-time, which can also be altered by Google at will with any Android update.
No, if your system can't support 3rd party clients properly, it is inherently insecure, especially in an e2ee context where you supposedly don't have to trust the server/vendor. If a system claims to be e2ee, but tightly controls both clients and servers (for example WhatsApp), that means they can rug-pull that e2ee at any point in time and even selectively target people with custom updates to break that e2ee for them only. The only way to realistically protect yourself from that is using a 3rd party client (and yes, I know, in case of Signal also theoretically reviewing every code change and using reproducible builds, but that's not very realistic).
Now admittedly, Signal has started to be less hostile to 3rd party clients like Molly, so it's not as bad anymore as it used to be.
Good summary by the Possum as usual, but it stops a bit short on explaining the more recent phenomenon of the modern nation state that developed as a result of the French and similar revolutions.
Contrary to the warlord like states that cumulated in feudal monarchies, the modern nation state is an evolution of this concept in which the newly formed capitalist elites conspired with the administrative class to get rid of the previous rulers (the warrior class). By sharing some power like that, these elites can stay mostly anonymous and more easily push charismatic but easy to control "leaders" in their stead. The administrative class in return ensures the iron clad rule of private property, as this is ultimately the source of power in a capitalist society.
This symbiotic relationship in the modern nation state between capitalist and administrative interests on the basis of enforcing private property is important to note as it brings out an important point: a feudal state might be able to exist without capitalism, but capitalism can not exist without a state enforcing its basis of power. Hence so called "anarcho-capitalism" being an absurd notion.
I think XMPP is a nice supplement to ActivityPub instances for more private chat. You can quite easily hook the user database of Mastodon or Lemmy to an XMPP server and have the same user address work for both that way.