E2EE is a technology that was designed to protect the content of a message from interception while in transit. It becomes a significantly more complex design if that communication involves multiple endpoints. 

Typical consumer communication applications, however, do not encrypt between the “microphone” and the “network”, leaving a gap in the communication path for interception. For example, to provide transcription services, these applications also still leave E2EE communication vulnerable to unwanted interception. 

With software vulnerabilities making devices open to exploit, it is important to ensure a device’s design is secured by default. The UK Government initiative known as Digital Security by Design (DSbD), delivered by UKRI, is working with the tech industry to block by design around 70% of these ongoing vulnerabilities from exploitation. Making technology inherently more secure would help close this gap in E2EE and prevent attackers from intercepting communications through software vulnerabilities.