Say WhatsApp receives a request from some government saying they need the data. Period. WhatsApp complies by setting some flag on your account and now your client isn't doing proper E2E encryption anymore and it's all up to be intercepted. And when someone not on an intercept list goes to audit the network traffic, it all looks fine. Infinite possibilities here.
What makes people trust the advertised E2E encryption is really happening when they most need? Faith in these companies?
Peer review. And it's a moving target, skype used to be the recommended one back in the day, when it was decentralized. Right now openwhisper based systems are one of the better ones we have (so whatsapp and signal) that are sanely accessible with decent features.
What makes people trust the advertised E2E encryption is really happening when they most need? Faith in these companies?