Encryption isn't just about keeping secrets. When correctly deployed it also prevents tampering; when your comms are insecure, it's quite easy for a MITM to inject or remove content.
This is not hypothetical, although most of the large-scale attacks of this nature have focused on the web. What sort of havoc can someone cause in your organization by injecting fake chat messages? :-)
Indeed. However my point wasn't that we shouldn't have TLS connection to the server, but rather than end-to-end encryption (ie client to client) doesn't make a whole lot of sense on public channels since the comms are public.
This is not hypothetical, although most of the large-scale attacks of this nature have focused on the web. What sort of havoc can someone cause in your organization by injecting fake chat messages? :-)