by akerl_ 2208 days ago
This seems to pick an arbitrary expansion of what “end to end” means, where “end” is “the OS layer on the source/destination computers”.

What if the monitor is backdoored and sends copies of the display buffer to The Secret World Government? What if the keyboard has a hardware keylogger? What if we’re all living in an elaborate computer simulation of a global pandemic?

As an alternate comparison: it’s still end-to-end encrypted communication if I take the securely received message, print out a copy, and tape it to a bulletin board at the town square.

The “end-to-end” refers to the transmission path. It’s a defense against MITM, and can be accomplished by plenty of systems that aren’t Linux.

1 comments

Yes, I understand perfectly what it is.

But people attribute security properties to it that it doesn't have!

What good is protection against MITM if I can just read it off your device while you type it?

You have no security with mobile devices. It is foolish to think so.

I feel like you meant the question to be rhetorical, but for the sake of clarifying: there is tremendous value in protecting against MITM, even if there remain other attack vectors.

Encrypting traffic end-to-end over the network protects against entire categories of attack. For some attackers (for example: ISPs), end-to-end encryption essentially removes their ability to compromise traffic contents. For other attackers, it forces them to ignore those categories of attack and instead narrows them to things like compromising the device. Notably, Linux is not magically immune to device compromise, even if you’re running a magical open-source BIOS. And unlike Windows/OSX, Linux doesn’t have Apple/Microsoft paying large, motivated security teams whose work is pushed to all their devices. At best, Linux has commercial distro providers like RedHat paying for security work. At worst, it relies on the good will and skill sets of open source maintainers. In trade, Apple/Microsoft offer lower customizability/visibility into the OS. But since the average user is not interested in (or qualified to do) security hardening of devices, Linux isn’t likely to buy them anything meaningful in the field of device security.

All of this is to say “life is hard. We shouldn’t make it harder by protesting the concept of E2E encryption due to the obvious fact that it does not cure all ailments.”