Twitter encrypted DMs have officially launched – but only between paid users, and the security feature doesn’t yet live up to Musk’s promise to use end-to-end (E2E) encryption for full privacy.
The company acknowledges this in a support document, and even Musk himself says you shouldn’t trust it …
Background
Most messaging services use E2E encryption. This includes iMessage, FaceTime, WhatsApp, Signal, Viber – as well as Telegram and Facebook Messenger if you switch on the Secret Chat/Messages option.
E2E encryption means that only the message participants have the key, so nobody else can read the content. This includes the company operating the service, so Apple, for example, can’t read any of your iMessages, even if presented with a court order.
Twitter encrypted DMs launch – without E2E
So far, Twitter messages have not been encrypted in any form, let alone E2E. Musk promised to fix this, stating that “the acid test is that I could not see your DMs even if there was a gun to my head.” The only way to achieve this is with E2E encryption.
Security engineering exec Christopher Stanley announced what he called “phase 1” of encrypted DMs – which are not encrypted E2E.
Super excited about launching Phase 1 of our Encrypted DM’s project! Twitter seeks to be the most trusted platform on the internet, and encrypted Direct Messages are an important part of that.
As Elon Musk said, when it comes to Direct Messages, the standard should be, if someone puts a gun to our heads, we still can’t access your messages. We’re not quite there yet, but we’re working on it. Until then, here is the Encrypted Direct Message we are releasing – a new way of communicating on Twitter that will appear as separate conversations, alongside your existing Direct Messages in your inbox.
Commenters immediately began noting this, as well as other limitations.
Twitter launched encrypted* DMs for verified accounts.
- No sync
- No group chats
- No attachments
- No timers
- Vulnerable to MITM
- No reporting (msg franking)
- No Forward Secrecy
- No Key Transparency
- Private keys are NOT erased after web logout
Additionally, encryption is not the default: You have to enable it on a per-message basis.
Even Musk says you shouldn’t trust it:
The next step still won’t be E2E encryption
Twitter’s support document acknowledges the limited protection offered at this stage.
Currently, we do not offer protections against man-in-the-middle attacks. As a result, if someone–for example, a malicious insider, or Twitter itself as a result of a compulsory legal process–were to compromise an encrypted conversation, neither the sender or receiver would know.
It says the company is working on this, but even here it is not promising E2E encryption (underlines are our emphasis):
We are, however, working on mechanisms for a future release that will:
- allow devices to verify the authenticity of the content and origin of the message (via “signature checks”); and
- allow a pair of users to verify the devices that have access to their encrypted conversation (via “safety numbers”)
When signature checks and safety numbers are implemented, man-in-the-middle attacks should be difficult, if not impossible, and both senders and recipients should be alerted in the event of an attack.
9to5Mac’s Take
This is a small step in the right direction. Encrypted DMs will certainly be more secure than plain-text ones.
However, this is a very long way short of what Musk has promised, and even the company’s future plans don’t mention E2E encryption – instead, just a compromise approach that further increases security, but does not ensure it.
We can see no good reason for Twitter failing to offer full E2E encryption to match Apple’s iMessage and most other messaging platforms.
Additionally, while any company is free to paywall any features it likes, it’s in everyone’s interest not to do so for privacy and security features. Even a Twitter Blue subscriber won’t be able to send encrypted messages when messaging a non-subscriber, and that’s almost everyone else on Twitter.
Image: Shubham Dhage/Unsplash
FTC: We use income earning auto affiliate links. More.
Comments