What does "end-to-end encrypted" actually guarantee?
Only the sender and receiver can read the content — not the service provider, ISP, or anyone in between. Metadata is usually still visible.
End-to-end encryption (E2EE) means messages are encrypted on the sender's device with a key the server never sees, and decrypted only on the recipient's device.
What E2EE does NOT hide: who you messaged, when, how often, message size, and your IP address. Apps like Signal minimize this; many others do not.
"Encrypted in transit" (TLS) is NOT the same as E2EE — the provider can still read your messages on their servers. WhatsApp, Signal, iMessage are E2EE; standard SMS, Slack, and most email are not.
Key verification matters: compare safety numbers / security codes out-of-band to detect man-in-the-middle. Otherwise you're trusting the provider's key directory.
Upvotes help us prioritise what to answer next.