The crux of the matter is verifying that the public key you're told is the public key of the other person, is actually the public key of the other person. If you do not verify this out-of-band, then the server can generate a new keypair for each recipient and it would go like this:
- Alice encrypts message using FAKE public key of Bob (she was told it is Bob's key by the server), sends it to the whatseverapp server so it can be delivered to Bob when he signs on.
- Whatseverapp server has FAKE private key for Bob (it generated that one itself, after all), decrypts message and notifies the corporate overlords/government/Russians/AdServers/Illuminati of the contents.
- Whatseverapp server encrypts message using REAL public key of Bob, sends it to Bob.
- Bob decrypts the message using his REAL public key, reads it.
This out-of-band verification is nothing you can automate or do once-for-all, like analyzing the binary for bad stuff. Each user has to verify the key of the other users. Which very few people actually do.
Also, you make it sound so easy to analyze an app binary. You can relatively easily prove it does certain things; but to prove a negative, namely that it does NOT do certain things, is far more difficult at least, and outright infeasible or even impossible in other cases (compare with the halting problem). This is why security vulnerabilities happen, and a backdoor is more or less just a security vulnerability that didn't happen by accident or incompetence but deliberately - which may mean whoever put it there might have spent some time to obfuscate it even further to make it harder to find.
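As an added illustration (not part of the comment above, and not any real app's protocol), here is the out-of-band check that catches the key substitution described: each side computes a fingerprint over both public keys it believes are in the conversation, and Alice and Bob compare the two strings over a separate channel. The key derivation and the `KeyServer` class are constructed stand-ins for real keys and a real directory server.

```python
import hashlib
import os

# Constructed stand-ins: a real app would use X25519/Ed25519 keys and an
# authenticated key exchange; here a "public key" is just 32 bytes derived
# from a random secret, enough to model key substitution by a directory server.
def gen_keypair() -> tuple[bytes, bytes]:
    priv = os.urandom(32)
    pub = hashlib.sha256(b"pub-stand-in" + priv).digest()
    return priv, pub

def fingerprint(pub_a: bytes, pub_b: bytes) -> str:
    """Order-independent fingerprint over both keys a party believes are in
    the conversation. Alice and Bob read this string to each other out of
    band; a server-substituted key on either side changes it."""
    digest = hashlib.sha256(b"".join(sorted((pub_a, pub_b)))).hexdigest()
    return " ".join(digest[i:i + 5] for i in range(0, 30, 5))

class KeyServer:
    """Directory server. With honest=False it hands out a key it generated
    itself (the FAKE key in the comment) and keeps the private half."""
    def __init__(self, honest: bool):
        self.honest = honest
        self.real: dict[str, bytes] = {}
        self.fake_priv: dict[str, bytes] = {}

    def publish(self, name: str, pub: bytes) -> None:
        self.real[name] = pub

    def lookup(self, name: str) -> bytes:
        if self.honest:
            return self.real[name]
        fake_priv, fake_pub = gen_keypair()
        self.fake_priv[name] = fake_priv  # server can now decrypt as `name`
        return fake_pub

def fingerprints_match(honest_server: bool) -> bool:
    """True iff Alice's and Bob's out-of-band fingerprints agree."""
    _, alice_pub = gen_keypair()
    _, bob_pub = gen_keypair()
    server = KeyServer(honest_server)
    server.publish("alice", alice_pub)
    server.publish("bob", bob_pub)
    bob_as_seen_by_alice = server.lookup("bob")      # FAKE if server lies
    alice_as_seen_by_bob = server.lookup("alice")    # FAKE if server lies
    fp_alice = fingerprint(alice_pub, bob_as_seen_by_alice)
    fp_bob = fingerprint(alice_as_seen_by_bob, bob_pub)
    return fp_alice == fp_bob
```

With an honest server both fingerprints agree; with a substituting server they differ, which is exactly what the manual comparison is meant to surface.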