At least Facebook (unlike WeChat or Whatsapp) supports XMPP, so we can independently implement an encryption layer. Only problem, as usual, is getting everyone to agree on a standard.
On April 30, 2014, we announced the deprecation of the XMPP Chat API as part of the release of Platform API v2.0. The service and API this document covers will no longer be available after April 30, 2015.
Once version 1.0 is deprecated on April 30, 2015, chat.facebook.com and the xmpp_login permission will no longer be available.
We recommend developers who have integrated with the XMPP Chat API deprecate this functionality from their apps before April 30, 2015 to avoid broken experiences.
No, the problem is that all the major players are moving towards proprietary messaging protocols.
The problem that needs to be solved is one of having a fully encrypted, distributed messaging protocol (i.e.: no central server) with apps that are easy enough that gramma can use.
It's a shame that XMPP never really took off; even more so as a lot of people seem to be taking it as proof that no distributed chat system will ever take off. I think there are quite a lot of reasons end users would really like distributed chat, one of which is very much security. We need to learn why XMPP didn't take off and either a) fix it, or b) learn and move on.
(Which is why I'm part of a team building http://matrix.org/, check it out!)
However, I don't necessarily think we're ever going to get to a world where everything is end-to-end encrypted. There will always be trade offs involved when using encryption, and sometimes the trade off aren't worth it (a stupid example being public group chats).
It would be nice, however, if chat apps and protocols in general made it clearer what level of security is involved. Just like the average user is slowly getting to grips with HTTP vs HTTPS (thanks in part to the nice and simple padlock icon on most browsers), there's no reason that users can't be made aware of the security of a given conversation and medium.
Facebook, for all its woes, is still easy/useful when trying to organize events, and I really don't care that much if they are spying on that. On the other hand I don't really use facebook messenger since I do care about those conversations.
We need to empower average users to be able to make those same informed choices on who they trust with what.
I'm wondering if this trend of moving to proprietary protocols is because of business or because of technology. And it's not just messaging either.
File storage are moving from standard calls like fopen() to using the Dropbox API or Google Drive API.
Phone calls are moving from device-agnostic copper wire to Skype or Google Hangouts.
Taxis are moving from wave your hand to proprietary Uber API to proprietary Lyft API.
But then again, back in the day, competing products in a single market (e.g. Zip Drives vs. LS-120) were still sufficiently similar that it was possible to use a single API to access both (e.g. fopen()). Nowadays, competing products in the same market (e.g. Dropbox vs. Google Drive) are so different in implementation and feature set that it's inherently difficult to come up with a single extensible standard that covers both.
So are we now in an age where everything will remain proprietary for a few decades due to technological limitations?
It's so hard not to give a skeptics answer to this. When one hears FB, et al, talking about how many users they have, one can't help but think this is all business.
On April 30, 2014, we announced the deprecation of the XMPP Chat API as part of
the release of Platform API v2.0. The service and API this document covers will
no longer be available after April 30, 2015.
