Wouldn't a client certificate from e2echat protect that kind of attack ? Since even when a man in the middle offers u a server cert u accept, the e2echat servers can't validate the client certificate from you anymore
(Still bad but would at least protect connections from ever talking to e2echats servers)
(Still bad but would at least protect connections from ever talking to e2echats servers)