Comment by dijit
14 hours ago
I've been making this argument for a long time, and it's never popular.
People want to believe in E2EE, it's almost like religion at this point.
Protecting people is synonymous with E2EE, even if you cant verify it, and it can be potentially broken.
I was even more controversial and singled out Signal as an example: https://blog.dijit.sh/i-don-t-trust-signal/
Same, my default MO is assuming 'e2ee' is broken and unsafe by default. Anything that I truly don't want sent over the wire would be in person, in the dark, in a root cellar, underwater. Not that I've ever been in the position to relay juicy info like that. Hyperbole I know, but my trust begins at zero.