True, unless it’s open source and maybe self hosted.
Edit: Nevermind, I’m right, I have no confidence in my own intelligence lol. If the key is on the phone and the phone stores the encrypted data to the server, that’ll be secure
Not necessarily. If you trust the code running on your device then there is no backdoor they could install on a server that would break e2ee. They would have to backdoor the client where the keys are.
That requires that you trust the app vendor not to have some sort of back door, no?
True, unless it’s open source and maybe self hosted.
Edit: Nevermind, I’m right, I have no confidence in my own intelligence lol. If the key is on the phone and the phone stores the encrypted data to the server, that’ll be secure
Not necessarily. If you trust the code running on your device then there is no backdoor they could install on a server that would break e2ee. They would have to backdoor the client where the keys are.