Twitter has rolled out its new encrypted direct messages (DMs) feature aimed at securing messages on the platform. This is Twitter’s first move towards supporting end-to-end encrypted messages on the service. However, the company has warned that the current implementation has several limitations. The new encryption feature for DMs is supported on the latest versions of Twitter for iOS, Android, and the Web. The encryption feature will only work if both users are verified, either as a Twitter Blue subscriber or as a member of a verified organization on Twitter. The recipient must follow the sender of the message or have already sent them a message in the past. If these criteria are met, the sender will see a toggle with a lock icon after clicking on the new message floating action button. This will open a chat with an eligible recipient, and encrypted chats will be denoted by a lock icon on the recipient’s profile picture.
Limitations of Twitter’s Encrypted DMs Feature
Unlike messaging services like Signal and WhatsApp, there are several limitations to Twitter’s encrypted DMs feature. Twitter has not disclosed the cryptographic scheme it has used to encrypt messages. Currently, only text and links will be encrypted, which means that media, reactions, and all chat metadata will not be encrypted. Groups are not supported, so messages can only be sent to one recipient. There is currently no way to verify the integrity of a conversation, which means Twitter or a malicious third party could compromise an encrypted conversation, and users would not be alerted. Twitter is working on implementing signature checks and “safety numbers” to allow users to verify the integrity of their chats. Twitter will only let users sign in to a maximum of ten devices to access encrypted DMs. Users cannot see a list of registered devices or de-register a device they no longer have access to. Logging out of a device will delete all encrypted chats, and in the absence of a key backup feature, there is currently no way to retrieve those chats except logging in to the same device. Users won’t be able to report encrypted messages to Twitter, but they can block a user from sending them DMs and report the account instead.
In conclusion, Twitter’s encrypted DMs feature is a step towards securing messages on the platform, but there are several limitations that users need to consider. Twitter is working on improving the feature by adding signature checks and “safety numbers” to allow users to verify the integrity of their chats.
Leave a Reply