I don’t really understand how we are supposed to believe in e2ee in closed proprietary apps. Even if some trusted auditor confirms they have plumbed in libsignal correctly, we have no way of knowing that their rendering code is free of content scanning hooks.

We know the technology exists. Apple had it all polished and ready to go for image scanning. I suppose the only thing in which we can place our faith is that it would be such an enormous scandal to be caught in the act that WhatsApp et al daren’t even try it.

(There is something to be said for e2ee: it protects you against an attack on Meta’s servers. Anyone who gets a shell will have nothing more than random data. Anyone who finds a hard drive in the data centre dumpster will have nothing more than a paperweight.)

The unfortunate fact about E2EE messaging is that it is hard to do. Even if you do have reproducible builds, the user is likely to make some critical mistake. What proportion of, say, Signal users actually compare any "safety numbers" for example? There is no reason to worry about software integrity if the system is already insecure due to poor usability.

Sure, we should all be doing PGP on Tails with verified key fingerprints. But how many people can actually do that?

I've been making this argument for a long time, and it's never popular.

People want to believe in E2EE, it's almost like religion at this point.

Protecting people is synonymous with E2EE, even if you cant verify it, and it can be potentially broken.

I was even more controversial and singled out Signal as an example: https://blog.dijit.sh/i-don-t-trust-signal/

With e2ee please remember that it is important to define who are the ends.

Perhaps your e2ee is only securing your data in travel if their servers are considered the other end.

Also one thing people seem to misunderstand is that for most applications the conversation itself is not very interesting, the metadata (who to who, when, how many messages etc.) is 100x more valuable.