I probably shouldn't go around and disagree with quotes from people I have never heard about, but there is no law that means encryption has to be ackward, user-unfriendly or badly designed.
HTTPS: You can give up freedom and some security for convenience of 3rd party registrars! You can roll your own which is less convenient and likely less secure… Not really sure of the 3rd option here.
Let's put things in context. Would you trust WhatsApp to be part of the US nuclear launch chain? Or talkes between the leaders of US, France, China, and North Korea.
The type of encryption used in whatsapp is not something I want to authenticate in anything that has to be dormant and used in an emergency without a network, but that doesn't mean it is bad crypto.
Yes, why not? You still need to ensure that the people involved with whatsapp can be trusted, but even the NSA can't do that in every case (ie Snowdon).
