After months of talking about it, Twitter has finally released the first version of encrypted DMs, but there are a few limitations. Currently, this feature is only available to verified users (such as Blue subscribers) or accounts associated with verified organizations. In addition, the encryption feature is not compatible with group messages and does not protect against man-in-the-middle attacks.
Twitter said that while encryption works across platforms, the recipient must follow the sender to enable it. Alternatively, encryption can be enabled if a user has previously chatted with the sender or accepted their DM request. If users are eligible for an encrypted conversation, the sender will be given an option to enable encryption via a switch on the new chat screen.
To enable encryption for an existing conversation, tap the information icon in the corner of the conversation screen and tap the “Start an encrypted message” option. Encrypted conversations look different from normal conversations because Twitter places a lock badge on the recipient’s profile picture. In the conversation itself, the company will display a “Messages are encrypted” banner at the top.
The social network makes it clear in its blog post that there are several limitations to this implementation. At the conversation level, Twitter only supports encryption for one-to-one messages with text and links. Twitter said media is currently not supported in encrypted conversations.
In addition, people cannot use a new device to join an existing encrypted conversation. So you either have to use the same device you started an encrypted conversation with, or start a new conversation when you get a new device. Users can enroll a total of 10 devices for the encryption feature, and there is no way to unenroll a device to make room for a new one.
Notably, Twitter considers reinstalling the app to be registering a new device. Twitter doesn’t provide a key backup option, which means all your encrypted messages on that device will be erased if you sign out of the account.
The complication is that when you log out, Twitter doesn’t remove any private keys from the device, only messages. Users can retrieve existing conversations if they log in again from the same device. Because of this, the company warned that people should not use the encryption feature on shared devices. This could change when Twitter starts offering a key backup option.
There are also many doubts about the feature’s security properties. It is not clear which cryptographic standard Twitter uses for this feature. In its blog post about the encryption feature, the company just said it deploys “a combination of strong cryptographic schemes”.
Twitter said the encryption feature also doesn’t provide forward secrecy, so an attacker could access all of a user’s previous conversations if they gain access to a compromised device. The company said it decided not to implement forward secrecy to allow users to access their unencrypted DMs on any device.
At this time, Twitter does not provide signature checking or message verification features. So devices themselves cannot verify the authenticity of the message, and people cannot use methods such as comparing strings of numbers to verify encryption security.
This makes the system vulnerable to man-in-the-middle attacks. That means an attacker can read your messages if security is compromised. Twitter also hinted that it could pass conversations to authorities as part of a legal process due to current design flaws.
“If someone — say, a malicious insider, or Twitter itself as a result of a mandatory legal process — were to compromise an encrypted conversation, neither the sender nor the recipient would know about it,” the company said. Twitter wants to add signature checks and security numbers so that these attacks or requests are no longer possible.
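To see why the missing number comparison matters, here is an added illustration (not Twitter's code; the page notes that the actual scheme is undisclosed). It assumes a toy Diffie-Hellman exchange and a hypothetical `safety_number` format, and shows that swapped directory keys go unnoticed by both clients unless they compare numbers derived from the keys they actually hold.

```python
import hashlib
import secrets

# Toy Diffie-Hellman parameters, for illustration only (assumption: this is
# not the scheme Twitter uses, which the page says is undisclosed).
P = 2**255 - 19
G = 2

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def shared_key(priv, peer_pub):
    """Conversation key derived from our private key and the peer's public key."""
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(32, "big")).digest()

def safety_number(pub_a, pub_b):
    """Hypothetical format: six 5-digit groups over both public keys, order-independent."""
    lo, hi = sorted((pub_a, pub_b))
    digest = hashlib.sha256(lo.to_bytes(32, "big") + hi.to_bytes(32, "big")).digest()
    groups = (int.from_bytes(digest[i:i + 2], "big") for i in range(0, 12, 2))
    return " ".join(f"{g:05d}" for g in groups)

def simulate(directory_substitutes_keys):
    """Alice and Bob fetch each other's public key from a key directory."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    m_priv, m_pub = keypair()  # key held by whoever controls the directory
    # What each client is told is "the other user's key".
    key_alice_sees = m_pub if directory_substitutes_keys else b_pub
    key_bob_sees = m_pub if directory_substitutes_keys else a_pub
    alice_key = shared_key(a_priv, key_alice_sees)
    bob_key = shared_key(b_priv, key_bob_sees)
    return {
        # Do both ends really share one key nobody else has?
        "keys_agree": alice_key == bob_key,
        # Can the directory operator derive the key Alice encrypts with?
        "intermediary_has_alice_key": shared_key(m_priv, a_pub) == alice_key,
        # What the users would find by reading their numbers to each other.
        "safety_numbers_match": safety_number(a_pub, key_alice_sees)
        == safety_number(key_bob_sees, b_pub),
    }

if __name__ == "__main__":
    print("honest directory:  ", simulate(False))
    print("substituted keys:  ", simulate(True))
```

With substituted keys, each client still derives a working key, so nothing looks wrong inside the app; only the out-of-band number comparison exposes the mismatch.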
After acquiring the company, Elon Musk expressed his desire to “superset” Signal with Twitter DMs. However, with the current set of restrictions, the feature doesn’t offer the same level of protection that Signal or other apps offer. Both Signal and WhatsApp offer end-to-end encryption for all kinds of conversations. In addition, Signal does not record any metadata about contacts or messages.
“As Elon Musk said, when it comes to direct messages, the norm should be that if someone puts a gun to our head, we still can’t access your messages. We’re not quite there yet, but we’re working on it,” the company said.