That's only if Signal and Whatsapp actually took any good lessons from WJCE. Both handle the difficult identity issue with the comparison of huge numbers just like with PGP. Usability studies have shown that this has worked out about as well as one might expect[1]. Worse, both cheerfully allow the use of unauthenticated correspondents without any particular warning to the user. WHCE identified the root issue as a failure to create and impart the required concepts to use the system. Signal/Whatsapp completely fail at this, instead the user is provide with a sense of security that is not warranted.

The PGP using community as least recognised that there was a problem. When has anyone ever organized a Signal/Whatsapp key comparison party?

[1] https://www.ndss-symposium.org/wp-content/uploads/2018/03/09...

The only issue with WhatsApp (I have no idea about Signal) is that, while it offers seamless encryption, it doesn't allow you to use an alternative client. Therefore, all trust has to be placed in the client and its distribution to ensure it doesn't mess up (intentionally or not). For the average Joe however I totally agree with you and it's a good baseline.

Security folks, especially on HN, are very actively hostile to alternative implementations and clients because in their mind it breaks security. Just see any Apple or Signal topic.

The walled garden lockin in by design for you to be safe.

Matrix.org is promising, in a "might start getting real traction in 10+ years" kind of way.

Stuff like https://techcrunch.com/2024/04/09/wordpress-com-owner-automa... implies that some folks are betting on Matrix having more traction sooner ;)