> The idea of end-to-end encryption is just too broken. You always need to make sure that the implementation of the idea isn't controlled by the vendor from which it is supposed to protect you. But it is pretty much never the case, all the WhatsApps, Signals, etc. control implementations, updates and openly fight against attempts to decentralize or weaken that control, making sure that ultimately they are the ones deciding whether they get access to your data or not.
Note that the client side apps are available for researchers to study. If they find a back door, it will be a big publicity issue for the app vendor.
Your concern is still valid though. Both Whatsapp and Signal could announce tomorrow that they drop E2EE or add some feature (like a default on non-disable-able cloud based spellchecker) and there is nothing you could do to protect your correspondence.
Matrix is different here that it encourages independent implementations as well as end to end encryption.
Note that the client side apps are available for researchers to study. If they find a back door, it will be a big publicity issue for the app vendor.
Your concern is still valid though. Both Whatsapp and Signal could announce tomorrow that they drop E2EE or add some feature (like a default on non-disable-able cloud based spellchecker) and there is nothing you could do to protect your correspondence.
Matrix is different here that it encourages independent implementations as well as end to end encryption.