Twitter is rolling out encrypted messaging, don’t trust it

Twitter did it. The company met a deadline and shipped something on the promised date under the leadership of Elon Musk. The social media platform launched its first-ever encrypted messaging option late Wednesday night, just under the wire. Still, in the mad rush to deliver, the site appears to have made some confusing compromises, as its own Twitter blog post acknowledges.

Encrypted DMs on Twitter took years to arrive. The platform first started hinting at and exploring the possibility of secure messages about ten years ago. However, it dropped the idea several times after a few false starts, without offering much explanation, such as in 2018 when the site appeared to be testing a feature that was never released. Finally, the bluebird app has encryption: a DM is encrypted when it is sent and decrypted when it is received.

For online privacy, this is undoubtedly a good thing. But Twitter’s version of encryption has some major caveats. For one thing, it’s only available to “verified” users, which means those who have access to it are almost entirely people willing to pay $8 a month for Twitter Blue. Both sides of an encrypted Twitter exchange must be verified for the feature to work.

Second, it is “opt-in”, which means that users must consciously choose encryption for each conversation. That runs against the gold standard of encryption being on by default. Facebook/Meta, for example, faced years of criticism from privacy experts over its own opt-in Messenger end-to-end encryption, which only recently became the default.

Then there are the usage limits. Twitter’s version of secure DMs only allows text to be sent. Images and other multimedia messages cannot currently be encrypted on the platform. Only one-to-one conversations are covered; group messages are not. There is no way to report abusive encrypted messages. All of these features are readily available on other well-respected encrypted messaging platforms like Signal, Meta Messenger, and WhatsApp. Plus, none of these options cost money.

Image of Twitter's encrypted DM

For Matthew Green, a computer scientist and cryptographer at Johns Hopkins University, the aforementioned opt-in, pay-to-play, and limited usability issues make Twitter’s crypto offering worse than most available elsewhere. “Encryption is an important security feature,” he told Gizmodo in a phone call. “Unfortunately they will only provide security for people who have paid.”

“A little encryption is better than no encryption,” Green noted. Still, not all encryption is created equal, and from Twitter’s starting point, “it might be hard to make it GOOD encryption.” In the broadest sense, the privacy tech expert said he’s excited about Twitter’s move toward greater messaging security: “This is one of the few positive features that I’ve seen Twitter come out with over the past few months.” But it has caveats, from the surface level to the very foundations of the functionality.

For now, he argues that the best use of Twitter messages is to exchange a WhatsApp or Signal number. “This is the best use of Twitter DMs until someone knows how good this thing is.”

A Deeper Dive into Twitter’s Encryption Failures

Beyond the user-facing disappointments, there are other weak points on the back end of Twitter’s new security setting. To the company’s credit, it is open about the fact that its first try at encrypted DMs isn’t perfect. “When it comes to direct messages, the standard should be, if someone puts a gun to our heads, we still can’t access your messages,” the Wednesday blog post read, quoting an earlier tweet from Musk. “We are not there yet,” it continues.

As Twitter points out in its own statement, its version of encryption does not necessarily protect against man-in-the-middle attacks. This means that a technically competent bad actor, or Twitter itself, could theoretically intercept messages without the sender’s knowledge. Because of this weakness, Twitter’s encryption is not necessarily end-to-end, again a security standard offered by Signal, WhatsApp, Messenger and others.

Man-in-the-middle attacks are a “fringe case” of security, Green said, that most users probably needn’t worry about. “It’s a sophisticated attack that, yes, technically could happen,” but it’s less likely than the many other ways a private messaging exchange could be compromised. Twitter says it plans to work on addressing this weakness in the future. Still, it’s another ding against Musk’s platform. Yet what concerns Green far more is the lack of another generally standard encryption mechanism called “forward secrecy,” also noted on the company’s blog.

“The whole of the [cryptography] people I know are a little confused by that,” he told Gizmodo. With forward secrecy, the encryption key that protects a user’s privacy changes with each message. In practice, this means that if your phone or computer is hacked and the perpetrator has access to your existing communications and your decryption key, they will at least not be able to intercept or see future messages. “It’s kind of table stakes for all modern encryption protocols,” Green said.
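The key-rotation idea described above, as an added example that is not code from the article or from Twitter: a static-key design beside a symmetric hash ratchet, each put through the same device-compromise scenario. It demonstrates the property cryptographers usually mean by forward secrecy, namely that messages sent before the compromise stay unreadable when the current secret leaks; protecting messages sent after a compromise additionally needs fresh key agreement, which this example does not cover. The cipher, key derivation and messages are constructed for the demo only.

```python
import hashlib
import hmac

def kdf(key: bytes, label: bytes) -> bytes:
    """One-way derivation step (HMAC-SHA256 as a PRF); cannot be run backwards."""
    return hmac.new(key, label, hashlib.sha256).digest()

def stream_xor(key: bytes, msg_no: int, data: bytes) -> bytes:
    """Toy stream cipher (HMAC keystream XOR); demo only, no authentication. Encrypts and decrypts."""
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hmac.new(key, msg_no.to_bytes(4, "big") + off.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], ks))
    return bytes(out)

def static_key_conversation(root: bytes, msgs: list) -> list:
    """No forward secrecy: one long-lived key protects every message."""
    return [(i, stream_xor(root, i, m)) for i, m in enumerate(msgs)]

def ratchet_conversation(chain: bytes, msgs: list, start: int = 0):
    """Forward secrecy via a symmetric hash ratchet: each message gets its own key derived
    from the chain state, and the state is advanced (old one discarded) before the next send."""
    out = []
    for i, m in enumerate(msgs, start):
        out.append((i, stream_xor(kdf(chain, b"msg"), i, m)))
        chain = kdf(chain, b"chain")
    return out, chain            # the chain state is the only secret the device still holds

def attacker_decrypt(stolen: bytes, stolen_at: int, ciphertexts: list, ratcheted: bool) -> dict:
    """Device-compromise model: the attacker has recorded every ciphertext and now steals the
    device's current secret. Returns {message index: plaintext} for whatever that secret reaches."""
    if not ratcheted:                 # static key: it *is* every message's key
        return {i: stream_xor(stolen, i, c) for i, c in ciphertexts}
    out, chain = {}, stolen
    for i, c in ciphertexts:
        if i < stolen_at:
            continue                  # earlier keys would need a pre-image of HMAC: unreachable
        out[i] = stream_xor(kdf(chain, b"msg"), i, c)
        chain = kdf(chain, b"chain")
    return out

def demo() -> tuple:
    """Compare both designs when the device is compromised just before message 2 is sent."""
    root = hashlib.sha256(b"constructed demo shared secret").digest()  # real protocols agree this via DH
    msgs = [b"hi", b"meet at 9", b"new plan", b"see you"]               # constructed sample DMs
    static_cts = static_key_conversation(root, msgs)
    early, chain_at_2 = ratchet_conversation(root, msgs[:2])
    late, _ = ratchet_conversation(chain_at_2, msgs[2:], start=2)
    return (attacker_decrypt(root, 2, static_cts, ratcheted=False),
            attacker_decrypt(chain_at_2, 2, early + late, ratcheted=True))
```

With the static key the stolen secret unlocks all four messages; with the ratchet it unlocks only messages 2 and 3, because the earlier chain states were derived one-way and then discarded.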

But not for Twitter. The company further states that it does not intend to add forward secrecy. “We do not plan to remedy this limitation,” it wrote.

For Green, it’s “a big red flag.” Modern encrypted messaging is generally built on the open-source Signal protocol. If Twitter had operated like virtually every other tech company, it would have used this readily available, powerful, and well-tested body of code to build its encryption. That would have given it rotating encryption keys out of the box. The fact that the platform didn’t is “super mysterious”. On its own, the lack of forward secrecy is “pretty bad,” Green said, but the broader implication that Twitter has gone entirely in-house and engineered its own cryptography is even more concerning.

As far as he knows, Twitter doesn’t have many crypto experts on staff. After Musk’s purge, the platform doesn’t have a lot of staff, period. Encryption is “a very difficult thing to do right,” Green said. If Twitter hasn’t relied on the existing open-source expertise that is widely available, “maybe they made it up themselves, and that’s where people make big mistakes,” the Johns Hopkins professor added.

Green and the company’s blog both expressed hope that Twitter’s encryption feature will improve across the board. But the missing forward secrecy gives the security expert pause. If Twitter made any mistakes in independently developing this first version of secure messaging, those issues will ripple across the entire platform in perpetuity. “It looks like they made some fundamental choices that might not be great,” Green said. “If you build a bad basement on top of a house, you’re going to struggle with problems forever.”
