Twitter Gets Encrypted DMs, But You Might Not Want To Use Them Yet

Twitter users have patiently awaited encrypted direct messaging ever since Elon Musk ushered it to the front of his wishlist of changes when buying Twitter in 2022. Only this past March did we hear about the progress behind those efforts, but you can finally use it starting today.

There's just one catch: it's incomplete enough that even Musk himself warns you shouldn't fully trust it yet. Before we get into the security flaws, many will balk at its availability only between verified users, whether verified through the $8 monthly Twitter Blue subscription, as a notable public figure, or through affiliation with a verified organization.

Predictably, you must be on the latest version of the Twitter app on Android and iOS to use encrypted DMs, while web users get the feature instantly. You'll also need some prior interaction before you can receive someone's encrypted message, whether following them or sending them a DM or message request.

How Twitter's encrypted DMs work

Twitter extends its existing system of authentication keys. It pairs the public keys already associated with your account (assigned when you log in on your devices) with a unique private key held locally on each device you use; that private key never leaves the device. The Twitter app then generates a key for each encrypted conversation you carry and uses the other two elements to deliver it to the recipient's devices.
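To make the key layering concrete, here is an added Go model of the design described above. It is not Twitter's code, and Twitter has published nothing beyond the description; the algorithms (X25519 key agreement, SHA-256, AES-GCM), the device names and the envelope layout are assumptions chosen for illustration. What the model shows is that the relay only ever holds wrapped conversation keys, ciphertext and the routing metadata, and that a device logged in after the conversation started has no wrapped key and therefore cannot read it.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Device is one logged-in device; priv is generated locally and never leaves it.
type Device struct {
	Name string
	priv *ecdh.PrivateKey
}

func NewDevice(name string) *Device {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Device{Name: name, priv: priv}
}

// NewConversationKey returns the random symmetric key made for one conversation.
func NewConversationKey() []byte {
	k := make([]byte, 32)
	rand.Read(k)
	return k
}

// WrappedKey is one recipient device's copy of the conversation key; the relay stores it but cannot open it.
type WrappedKey struct {
	SenderPub         *ecdh.PublicKey
	Nonce, Ciphertext []byte
}

// Envelope is everything the relay stores and forwards.
type Envelope struct {
	From, To    string                // metadata: left in the clear
	Keys        map[string]WrappedKey // conversation key wrapped per recipient device
	Nonce, Body []byte                // message text, sealed under the conversation key
}

func gcm(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key) // keys here are always 32 bytes, so no error
	aead, _ := cipher.NewGCM(block)
	return aead
}

func seal(key, plaintext []byte) (nonce, ct []byte) {
	aead := gcm(key)
	nonce = make([]byte, aead.NonceSize())
	rand.Read(nonce)
	return nonce, aead.Seal(nil, nonce, plaintext, nil)
}

// wrapKey hashes the X25519 shared secret of two devices into an AES-256 key (assumed derivation).
func wrapKey(priv *ecdh.PrivateKey, pub *ecdh.PublicKey) []byte {
	shared, _ := priv.ECDH(pub) // both keys are X25519, so no error
	sum := sha256.Sum256(shared)
	return sum[:]
}

// Send wraps convKey for each recipient device that exists right now, then seals the message under convKey.
func Send(sender *Device, from, to string, recipients []*Device, convKey, msg []byte) Envelope {
	env := Envelope{From: from, To: to, Keys: map[string]WrappedKey{}}
	for _, r := range recipients {
		n, ct := seal(wrapKey(sender.priv, r.priv.PublicKey()), convKey)
		env.Keys[r.Name] = WrappedKey{sender.priv.PublicKey(), n, ct}
	}
	env.Nonce, env.Body = seal(convKey, msg)
	return env
}

// Receive runs on a recipient device; a device with no wrapped key (one logged in later) cannot decrypt.
func Receive(d *Device, env Envelope) ([]byte, error) {
	w, ok := env.Keys[d.Name]
	if !ok {
		return nil, fmt.Errorf("%s: no conversation key wrapped for this device", d.Name)
	}
	convKey, err := gcm(wrapKey(d.priv, w.SenderPub)).Open(nil, w.Nonce, w.Ciphertext, nil)
	if err != nil {
		return nil, err
	}
	return gcm(convKey).Open(nil, env.Nonce, env.Body, nil)
}

func main() {
	alice, phone, laptop := NewDevice("alice-phone"), NewDevice("bob-phone"), NewDevice("bob-laptop")
	env := Send(alice, "alice", "bob", []*Device{phone, laptop}, NewConversationKey(), []byte("hello"))
	fmt.Printf("relay sees from=%s to=%s body=%x\n", env.From, env.To, env.Body)
	msg, err := Receive(laptop, env)
	fmt.Printf("bob-laptop: %q err=%v\n", msg, err)
	_, err = Receive(NewDevice("bob-tablet"), env) // device added after the fact
	fmt.Println("bob-tablet:", err)
}
```

The `From` and `To` fields are deliberately plain: they are the metadata the relay needs to route the message, which is exactly what remains visible even when the body is end-to-end encrypted. Because the wrapping key is derived from the sender's device key and the recipient's device key, nothing in the envelope lets a third party recover the conversation key, and any change to the sealed body fails AES-GCM authentication on receipt.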

"We employ a combination of strong cryptographic schemes to encrypt every single message, link, and reaction that are part of an encrypted conversation before they leave the sender's device, and remain encrypted while stored on Twitter's infrastructure," Twitter's Help Center explains. "Once messages are received by the recipient devices, they are decrypted so that they can be read by the user."

The social network plans to open-source its encryption methods later in 2023. It'll publish a technical whitepaper containing in-depth descriptions and full details of its implementation. You can count on security experts to scrutinize it carefully to assure the public of its efficacy.

How to use encrypted direct messages on Twitter

To send an encrypted message, click the Message icon in your Twitter app. You'll notice a lock icon at the upper right — toggle it on to enter encrypted mode. Your recipient list will only show users who meet the requirements above. Tap the name of whoever you want to send a message to, compose, and then send it as usual.

You can also start an encrypted message within an existing conversation by tapping the info button (it appears as a lowercase "i" within a circle) at the upper right of the window. Select "start an encrypted message" to secure the conversation.

Encrypted conversations will appear visually different compared to unencrypted ones. You'll know whether your DMs are secured by checking the user's avatar — it'll show a lock icon on the lower right. Users can also check the encryption status from the conversation info page, and it'll show "Messages are encrypted" at the very top. And you'll get a quick reminder when viewing the conversation in your Messages list, where the message preview would typically be.

Why you can't fully trust encrypted Twitter DMs yet

The initial release of encrypted DMs comes with certain limitations. Currently, it's limited to single-recipient messages, with group conversations planned for the future.

Also, you cannot include images, video, or other attachments within encrypted conversations, only text and links. However, Twitter's language suggests these improvements may be in the works for future updates. New devices cannot join existing encrypted conversations, and there is a maximum of ten devices per user for encrypted messages.

Twitter has opened up early about some of its system's current flaws. In addition to the limitations mentioned above, Twitter explains that only the messages themselves are encrypted; metadata and linked content are not. That means neither Musk nor anyone else can read your conversation, but they can still determine who's sending messages and when.

Leaving metadata readable may be a deliberate compromise so that activity between accounts can be verified in sensitive situations, such as satisfying a law enforcement investigation. While you cannot report encrypted messages to Twitter, you are advised to report the account itself if you encounter any issues with the sender. You can stop someone from sending encrypted messages by blocking the account from the conversation info page.

Twitter encryption might never live up to Signal or WhatsApp encryption

Twitter has preemptively conditioned us not to expect the highest end-to-end encryption standards offered by competing messaging clients. Admitting to its inability to stop man-in-the-middle attacks completely, the company says it's working on other authenticity verification measures for both messages and devices.

It also plans to implement alerts for when someone (Twitter included, in certain extenuating cases like legal investigations) may have compromised your conversations through account spoofing. However, these protections don't currently exist.

While those concerns are temporary, Twitter has already written off other key protection mechanisms to preserve its classic user experience. Twitter will delete all encrypted conversations when you log out; however, the app won't erase your private keys from the device, so all your encrypted messages will be restored upon logging back in. This compromise is intended to uphold the social network's cloud-centric user experience of maintaining access to all your conversations on any device.

One of its future tactics is to offer a key backup, letting you save your account's unique private key in another location and erase it from your device entirely when you log out. This offers some protection if someone gets hold of both your device and your passwords. Even so, Twitter downplayed the feature's future potential by confirming it has no plans to address this concern with full forward secrecy, as it once did; forward secrecy would refresh your private keys regularly to keep attackers from accessing future conversations.
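To show what the forward-secrecy property Twitter is declining to offer actually buys, here is an added Go example, constructed for this article and not Twitter's design, comparing three ways of keying a conversation: one static key, a one-way hash ratchet that derives a fresh key per message, and the same ratchet periodically refreshed with new randomness. The HMAC-SHA-256 derivation, the labels and the six-message scenario are assumptions. An attacker who copies the device state after the second message recovers all six keys in the static case, the four later keys with the un-refreshed ratchet (the two earlier keys are unrecoverable because the chain only runs forward), and only two keys once a refresh happens before message five.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Ratchet holds only the current chain key. Every message key is derived from
// it one-way and the chain key is replaced before the next message, so a copy
// of the device state cannot be run backwards to earlier message keys.
// With static set, the chain never advances: the "one long-lived key" model.
type Ratchet struct {
	chain  []byte
	static bool
}

func NewRatchet(static bool) *Ratchet {
	r := &Ratchet{static: static}
	r.Refresh()
	return r
}

// kdf is HMAC-SHA-256 used as a one-way key derivation (constructed choice).
func kdf(key []byte, label string) []byte {
	m := hmac.New(sha256.New, key)
	m.Write([]byte(label))
	return m.Sum(nil)
}

// Refresh replaces the chain key with fresh randomness. In a real messenger the
// new secret would be agreed through the devices' keys; here it is simply drawn
// from crypto/rand as if shared out of band.
func (r *Ratchet) Refresh() {
	r.chain = make([]byte, 32)
	rand.Read(r.chain)
}

// Next returns the key for the next message and, unless static, advances the chain.
func (r *Ratchet) Next() []byte {
	mk := kdf(r.chain, "message")
	if !r.static {
		r.chain = kdf(r.chain, "chain") // the old chain key is overwritten
	}
	return mk
}

// Snapshot is what an attacker obtains by reading the device state at one moment.
func (r *Ratchet) Snapshot() *Ratchet {
	return &Ratchet{chain: append([]byte(nil), r.chain...), static: r.static}
}

// Recoverable counts how many of messageKeys an attacker holding stolen state can
// reproduce by running that state forward as many steps as there are messages.
func Recoverable(stolen *Ratchet, messageKeys [][]byte) (count int) {
	s := stolen.Snapshot()
	derived := map[string]bool{}
	for range messageKeys {
		derived[string(s.Next())] = true
	}
	for _, mk := range messageKeys {
		if derived[string(mk)] {
			count++
		}
	}
	return count
}

// Scenario sends six messages while an attacker copies the device state right
// after message 2; refreshBeforeFifth adds a key refresh before message 5.
// It returns how many of the six message keys the attacker can derive.
func Scenario(static, refreshBeforeFifth bool) int {
	r := NewRatchet(static)
	var keys [][]byte
	var stolen *Ratchet
	for i := 1; i <= 6; i++ {
		if i == 5 && refreshBeforeFifth {
			r.Refresh()
		}
		keys = append(keys, r.Next())
		if i == 2 {
			stolen = r.Snapshot()
		}
	}
	return Recoverable(stolen, keys)
}

func main() {
	fmt.Println("static key, no refresh:   ", Scenario(true, false), "of 6 keys recoverable")
	fmt.Println("hash ratchet, no refresh: ", Scenario(false, false), "of 6 keys recoverable")
	fmt.Println("hash ratchet + refresh:   ", Scenario(false, true), "of 6 keys recoverable")
}
```

The static case is the situation the article describes: a private key that survives logout and is never rotated means that whoever obtains it can read everything that was ever wrapped to it. The ratchet protects earlier messages because HMAC cannot be inverted to recover the previous chain key, and the periodic refresh bounds how far a stolen state reaches into later messages.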