
You make this idiotic assumption that chat companies are MITM attacking users. Sure, the only way to be sure there is no MITM is to check the fingerprints. But that's akin to a false dichotomy. You're not actually choosing between

1. 100% verified E2EE chat and

2. 100% MITM attacked insecure chat

When you don't check the fingerprints, when you are choosing between E2EE and client-server encryption, you're actually choosing between

1. Chat vendor having to commit a felony with mandatory minimum sentences, to read your messages

2. You voluntarily sending EVERY SINGLE MESSAGE to the vendor without any expectation of privacy, and thus waiving your legal right to privacy.

So no, opportunistic end-to-end encryption is definitely not equivalent to cloud encryption.

Sure, if your personal threat model is that there must be zero chance of some messages ending in the wrong hands (maybe you're a lawyer sending private info to a client, or naughty pics to your SO), then sure, you will want to perform the fingerprint check. But for the majority of communication, it's enough that there is a significant threat of users verifying the fingerprints: Getting caught doing MITM against users is extremely damaging for the company, and again, will land you jail time with very high probability.




I'm surprised this one even needs to be spelled out. If it turns out WhatsApp/FB have access to message contents, they will be liable. Telegram conveniently (for itself) makes that only the case if a setting is changed.

This wouldn’t matter if people gave up arguing Telegram is secure and agreed that it’s just more convenient, but this in fact is a security-related thread.



