The unfortunate fact about E2EE messaging is that it is hard to do. Even if you do have reproducible builds, the user is likely to make some critical mistake. What proportion of, say, Signal users actually compare any "safety numbers" for example? There is no reason to worry about software integrity if the system is already insecure due to poor usability.
replySure, we should all be doing PGP on Tails with verified key fingerprints. But how many people can actually do that?
I've been making this argument for a long time, and it's never popular.
replyPeople want to believe in E2EE, it's almost like religion at this point.
Protecting people is synonymous with E2EE, even if you cant verify it, and it can be potentially broken.
I was even more controversial and singled out Signal as an example: https://blog.dijit.sh/i-don-t-trust-signal/
Same, my default MO is assuming 'e2ee' is broken and unsafe by default. Anything that I truly don't want sent over the wire would be in person, in the dark, in a root cellar, underwater. Not that I've ever been in the position to relay juicy info like that. Hyperbole I know, but my trust begins at zero.
replyWith e2ee please remember that it is important to define who are the ends.
replyPerhaps your e2ee is only securing your data in travel if their servers are considered the other end.
Also one thing people seem to misunderstand is that for most applications the conversation itself is not very interesting, the metadata (who to who, when, how many messages etc.) is 100x more valuable.
We don't even know if the passwords aren't stored in plain text.
reply