The issue becomes very difficult when you need to preserve message history reliably and allow account usage across devices, because key management becomes tricky and clunky and there are no easy UX ways around it.
For ephemeral messaging like a Snapchat-type use case, you can EASILY provide p2p encryption. For services like Telegram and Facebook Messenger, their feature list requires cross-device syncing and historical archiving, and those features don't play well with rotating keys, perfect forward secrecy, and other e2e encrypted messaging techniques.
I agree strongly with you that the direction to be taken is independent messaging clients for existing messaging channels as long as those channels allow third party API use.
What channel would you use to share the keys on FB? The Facebook API simply will not let you do that anymore. Direct messages have a character limit and you can't just post to someone's wall anymore.
I tried working on something like this for seecret.io but was confounded by the Facebook API's limitations.
Twitter is much better for that. Probably other networks too.
You use Diffie–Hellman. "Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel." (https://en.wikipedia.org/wiki/Diffie–Hellman_key_exchange)
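As an added example (not part of the original comment or of seecret.io), here is what that exchange looks like when the only channel is short text messages: each side posts one base64-encoded public value, split into numbered pieces to fit a per-message limit, and both derive the same key. The group is the 2048-bit MODP group of RFC 3526 (generator 2), transcribed here and to be checked against the RFC; the message format, the 140-character limit, the HKDF labels and the function names are assumptions of this example. Note the receiver validates the peer's value before using it, and that plain Diffie-Hellman is unauthenticated: the two people still have to compare the fingerprint out of band, because the channel operator is exactly the party positioned to sit in the middle.

```python
import base64
import hashlib
import hmac
import secrets

# Diffie-Hellman over the 2048-bit MODP group (group 14) of RFC 3526,
# generator 2. Transcribed for this example; verify against the RFC before
# relying on it. A published group is the point: a peer can check it, a
# home-made prime cannot be checked.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF",
    16,
)
G = 2
Q = (P - 1) // 2      # P is a safe prime, so <G> has prime order Q
WIRE_BYTES = 256      # fixed-width encoding of any value below 2**2048


def generate_keypair():
    """Private exponent x and public value y = G**x mod P."""
    x = secrets.randbits(256) | (1 << 255)   # 256-bit exponent is ample here
    return x, pow(G, x, P)


def encode_public(y):
    """One public value as base64 text (344 chars), ready to paste into a DM."""
    return base64.b64encode(y.to_bytes(WIRE_BYTES, "big")).decode("ascii")


def decode_public(text):
    """Parse a peer's value and reject invalid ones before exponentiating.
    Values outside [2, P-2] or outside the order-Q subgroup are the classic
    invalid-key / small-subgroup inputs a naive receiver would accept."""
    raw = base64.b64decode(text, validate=True)
    if len(raw) != WIRE_BYTES:
        raise ValueError("wrong length")
    y = int.from_bytes(raw, "big")
    if not 2 <= y <= P - 2 or pow(y, Q, P) != 1:
        raise ValueError("invalid Diffie-Hellman public value")
    return y


def split_for_channel(text, limit):
    """Split text into numbered pieces ("i/n body") that fit a per-message limit."""
    body = limit - 4                       # room for the "i/n " prefix, n < 10
    pieces = [text[i:i + body] for i in range(0, len(text), body)]
    assert len(pieces) < 10, "assumed single-digit piece count"
    return [f"{i}/{len(pieces)} {piece}" for i, piece in enumerate(pieces, 1)]


def join_from_channel(messages):
    """Reassemble pieces in numeric order, whatever order they arrived in."""
    ordered = sorted(messages, key=lambda m: int(m.split("/", 1)[0]))
    return "".join(m.split(" ", 1)[1] for m in ordered)


def derive_key(x, their_y, my_y):
    """HKDF-SHA256 (single-block extract and expand) over the shared secret,
    bound to both public values so either side derives the same key."""
    shared = pow(their_y, x, P).to_bytes(WIRE_BYTES, "big")
    lo, hi = sorted((my_y, their_y))
    info = b"dm-dh-example-v1" + lo.to_bytes(WIRE_BYTES, "big") + hi.to_bytes(WIRE_BYTES, "big")
    prk = hmac.new(b"dm-dh-example-salt", shared, hashlib.sha256).digest()
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()


def fingerprint(key):
    """Short value both people read to each other out of band; unauthenticated
    DH on its own cannot detect a man-in-the-middle on the channel."""
    return hashlib.sha256(b"fp" + key).hexdigest()[:16]


def run_exchange(limit=140):
    """Run both sides locally; returns the two keys and the DMs that crossed the channel."""
    xa, ya = generate_keypair()
    xb, yb = generate_keypair()
    a_to_b = split_for_channel(encode_public(ya), limit)
    b_to_a = split_for_channel(encode_public(yb), limit)
    ya_seen_by_b = decode_public(join_from_channel(a_to_b))
    yb_seen_by_a = decode_public(join_from_channel(b_to_a))
    key_a = derive_key(xa, yb_seen_by_a, ya)
    key_b = derive_key(xb, ya_seen_by_b, yb)
    return key_a, key_b, a_to_b + b_to_a


if __name__ == "__main__":
    ka, kb, dms = run_exchange()
    print(len(dms), "messages exchanged; keys match:", ka == kb)
    print("compare out of band:", fingerprint(ka))
```

With a 140-character limit each public value takes three messages; an X25519 exchange would need one (32-byte keys, 44 characters of base64), which is the usual reason to prefer an elliptic-curve group where the channel is tight.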
I once read an article on messaging security, and non-standard clients were mentioned there as another serious attack vector. If you have only one client, controlled by the service provider, it is somewhat easier to reason about its quality. But if your peer can have any client, then your conversation is at risk, because your peer may not be hygienic enough, so an exploit message may be sent to it from another contact, and that will send all conversations to a third party. E.g., though XMPP/OTR is somewhat secure by itself, random security-unaware XMPP clients (there are tons of these) are a big concern.
A chain is still only as strong as its weakest link. This is a case where it may be better to put all your eggs in one basket and choose/validate entire baskets, not particular eggs.
I'm not a security expert, but that sounds reasonable imo.
It is? It looks more like the past... "XMPP is an example of a federated protocol that advertises itself as a "living standard." Despite its capacity for protocol "extensions," however, it's undeniable that XMPP still largely resembles a synchronous protocol with limited support for rich media, which can't realistically be deployed on mobile devices. If XMPP is so extensible, why haven't those extensions quickly brought it up to speed with the modern world?". See https://whispersystems.org/blog/the-ecosystem-is-moving/ and disagree, deny or be sad if you want.
This is why you should never trust proprietary secure messaging solutions that offer you both the client and the channel.
The future of trusted secure messaging will be open source, auditable, independent non-native clients that connect and send over third party message channels independently.
One option is to store the files in Amazon S3 and only serve them over CloudFront signed URLs. There are ways to lock down the S3 access so that only a few Very Important tech leadership folks can get to it.
You can steal a JWT token the same way you can steal a session token.