HEADS UP: If you know your way around computers and Linux systems, then host your own Matrix server instead. Matrix is more difficult to set up but is a better long-term solution because it is decentralized and is not attached to phone numbers.
SMS (texting) and telephone calls are laughably, leave-the-front-door-unlocked-and-open insecure. SMS is sent over cell networks completely unencrypted, allowing cellular providers to read and store every text. Providers can disclose the metadata or even contents of messages to law enforcement. Land-line calls are completely unencrypted and LTE calls (used by modern smartphones) are riddled with security holes. Telephone call metadata is logged by telephone networks and shared with intelligence agencies.
I drew a pretty diagram of the Signal protocol in detail above but I think I got too down in the weeds. I will give a simple explanation in the next paragraph. For other in depth explanations watch Computerphile's videos on how the first keys are established and how each message is made forward and backward secure. The seasoned cryptographer can skip those and read the whitepapers. If you are unfimiliar with Diffie-Hellman exchange, public-key cryptography please watch the linked videos before reading the explanation.
The goals of the Signal protocol are fourfold: (1) ensure Signal's servers can't decrypt user's messages, (2) prevent evesdroppers from decrypting messages, (3) let users communicate even when one of them is offline, and (4) thwart attackers that have even stolen the latest encryption keys from decrypting any previous messages or future messages (but not the latest one of course). The first and second goal is acheived by having every Signal user store his private keys on his own device and encrypting with them (or other keys that require his private key to generate). This is called end-to-end encryption and is the bare minimum for a secure messaging protocol. The third goal is met by Signal running a server that stores user's public keys (sent to the server when a user creates them), associated with their phone number, and relaying encrypted messages to their destination. A simplified view of the protocol is this: the sender (let's call him Dog) asks Signal's servers to send him his receiver's (call her Cat) public key, the server sends Dog her public key, Dog encrypts his message with Cat's public key, he sends the encrypted message along with his destination phone number (Cat's) and sending phone number (his own) to the server, Signal's servers stores the encrypted message until Cat downloads her latest messages from the server, the server (supposedly) deletes Cat's encrypted message, Cat decrypts Dog's message with her private key, and she reads it. If one is being a critical cryptographer, he may notice that Signal could send Dog their own public key that they generate instead of Cat's and perform a man-in-the-middle attack. Dog can verify that the public key Signal's server sent him is truly Cat's key by clicking on her contact, tapping "safety number", physically meeting up with her, and comparing "safety numbers".
The Signal protocol is a tad more complex than the preceding explanation since it has to meet the fourth goal of not allowing an attacker to decrypt all messages in a conversation if he comprimises their identity keys or latest message keys. Each user's identity key is a permanent key used for authentication and is in each of their keychains. A user's keychains also contain a prekey and a unique one-time prekey. Users generate several keychains and upload them to the server. The first message sent encrypted with a symmetric Diffie-Hellman key generated from the public keys in one user's keybundle (identity key, prekey, unique one-time prekey) and the private keys (just identity key and a unique ephemeral key) of the other user's bundle. Since Diffie-Hellman can generate the same key from a public key A with private key B and private key B with public key A, the reciever can look at the metadata the sender attatched, figure out what keys he must use to generate the first symmetric key, and decrypt the first message. So, why the complexity of multiple unique keyrings of the receiver stored on Signal servers and the sender's unique ephemeral key generating a symmetric key? Well, it forces an attacker who comprimsed the receiver's identity key to have to keep on comprimising the new unique one-time keys that the receiver is uploading to Signal's servers. The ephemeral key and identity used by the sender means the attacker would have to nab both (and the ephemeral key is only generated when they start texting). After they establish initial symmetric keys, the Signal protocol goes one step further. It uses a "double rachet" system to generate new symmetric message keys for each message based on a Diffie-Hellman exchange each message and the previous symmetric key. The Diffie-Hellman exchange ensures future secrecy (comprimisng a previous message key won't break all future messages) and the previous symmetric key ensures backward secrecy (comprimising a future message key won't let an attacker break the previous messages).
Signal is not the last word on secure messaging. Its servers present a single point of failure and it's phone number requirement makes anonymous communication a joke. Decentralized software like Matrix, XMPP, Tox, Jitsi, and Briar are all unique solutions to Signal's problems and warrant consideration by anyone seeking greater control and anonymity.
Use your distribution's package manager to update your local repositories, upgrade your old packages (if on a rolling release distro), and install the latest version of Signal. The command for Debian is longer because Signal is not in the official repositories so Signal's very own repository must be installed. If your distro's repositories does not have Signal then move to a real distribution or build Signal from source.
sudo pacman -Syu && sudo pacman -S signal-desktop
sudo xbps-install -Su && sudo xbps-install Signal-Desktop
wget -O- https://updates.signal.org/desktop/art-keys.asc | sudo apt-key add - && echo "deb [arch]=amd64] https://updates.signal.org/desktop/art xenial main" | sudo tee -a /etc/apt/sources.list.d/signal-xenial.list && sudo apt update && sudo apt install signal-desktop
sudo emerge --sync && emerge --ask net-im/signal-desktop-bin
After installing Signal, scan the QR code from your phone on the Signal app to set up your computer under your Signal account.