Twitter adds encrypted messages, but only for verified accounts with blue tick

Twitter adds encrypted messages, but only for verified accounts with blue tick

Twitter adds encrypted messages, but only for verified accounts with blue tick

Twitter has announced that it is rolling out a long-awaited encrypted messaging feature, and while it currently works, there are limitations to the service that are still being worked out.

The social media company made the announcement overnight, along with the intention that eventually even Twitter would be unable to view the content of encrypted messages, but that feature is apparently still in the works.

“As Elon Musk said, when it comes to direct messages, the standard should be: if someone puts a gun to our head, we still won’t be able to access their messages,” Twitter said in a post on your Help Center page.

“We’re not there yet, but we’re working on it.”

To use the feature, users must be using the latest version of Twitter, and both the sender and receiver must have a verified account or be associated with a verified organization. The recipient must follow the sender or has already sent them messages.

Assuming you meet the criteria, you’re good to go.

The new, more secure messaging works by providing one public key per device (for up to 10 devices) that is combined with a private key held by Twitter. Each encrypted conversation also has its own unique key, which is shared between the devices the sender and receiver operate on.

You can flip a switch on a new conversation to encrypt it or create a new encrypted chat from the conversation settings of an existing exchange. Encrypted conversations are indicated by a lock icon on the avatar of the person you are talking to.

However, there are a number of limitations to the new feature, although Twitter has said it is working to remove most of them.

For example, encrypted conversations can only be held between two people; Encrypted group chats are coming later. It is also not possible to report encrypted conversations, and only texts and links can be exchanged in these chats. Work is also being done on other media, such as images.

And while there is a limit of 10 devices per user, there is currently no way to view the devices you have registered or to unregister a device.

But possibly the biggest problem is the lack of protection against man-in-the-middle attacks.

“As a result, if someone (for example, a malicious insider or Twitter itself as a result of a mandatory legal process) were to compromise an encrypted conversation, neither the sender [nor] The recipient would know,” Twitter said.

However, the company is working on implementing both “signature verifications” to verify the origin of a message and “security numbers,” which will allow two users to verify the devices that are part of an encrypted conversation.

“When signature and security number controls are implemented, man-in-the-middle attacks should be difficult, if not impossible,” Twitter believes, “and both senders and recipients should be alerted in the event of an attack.”

Is it worth the cost of a blue tick to send encrypted messages on Twitter? Only you can be the judge.

Leave a Reply

Your email address will not be published. Required fields are marked *