[pkulak]

I totally agree, though I run my own Matrix server and still find value in e2ee because I don't really trust AWS (or maybe my ability to secure AWS).

I suppose I could run the service on a machine in my house, but that's not going to be good for uptime, the NAT screws things up, etc. Plus, even that could be hacked if I fuck something up.

[Andrew_nenakhov]

If you run a legal operation, you don't have to worry about hosting company admins logging into your database. That can be done only on police inquiry.

[pkulak]

Eh. I'm still not storing passwords, keys, documents, photos, et all, plain text in some RDS database.

[Andrew_nenakhov]

On photos/documents, you are in a tiniest of minorities: ~99% of all smartphone users store photos in unencrypted cloud services like Google Photos and use Google Docs and MS Office 365.

(But but chats are surely the holy cow and must be encrypted - strictly demand those same users, paradoxically)

And no modern server stores passwords in plain text, and keys are not stored on servers at all.