Comment by jedberg
2 years ago
You could, but you'd be adding complexity to solve a mostly non-existent problem. Security is rarely broken because the algorithm itself is broken. It's usually because one end has a key logger or other vulnerability. Or they are literally storing the unencrypted text in an unencrypted data store after reading it.
In the meantime, the added complexity adds new places for errors.
Yep, people who think about messaging security as a problem of sending data from one computer to another are missing a huge part of the attack surface. To fully understand the entire problem set, we need to consider the entire pathway from one human's brain to another.