I see this EFF tool guide, proposing WhatsApp as one of "our pick of the best, most secure applications" source.
How can WhatsApp be trusted as a secure application when it is not open-source (according to Wikipedia: "license: freeware"), in contrast to Signal (according to Wikipedia: "All Signal software are free and open-source")?
I know that WhatsApp uses the Signal Protocol library for implementing the Signal Protocol, but is this enough to consider it a trusted secure application, and place it at the same level of trust as the Signal opensource client?