Twitter has launched a new encrypted messaging service that ensures direct messages sent on the platform are secure and end-to-end encrypted, ensuring only the sender and recipient can access the content.
To enable encryption, the latest Twitter app generates a unique pair of device-specific keys – a private and public key pair – with the public key automatically registered upon a user’s login from a new device or browser. The private key remains solely on the user’s device and is never shared with Twitter. Additionally, a conversation-specific key is used to encrypt the message content securely between participating devices.
This feature was emphasized by Twitter CEO Elon Musk, who stated that he wouldn’t be able to view user messages even under duress. Despite this, he advised users to exercise caution and not fully trust this early version yet.
This service is currently only available to Twitter Blue subscribers or verified Twitter account holders, with the ability to share only text and links. It’s important to note that while messages themselves are encrypted, certain metadata such as recipient information and creation timestamps, along with any linked content, remain unencrypted. However, Twitter has acknowledged this limitation and is working to achieve complete encryption.
Twitter has also announced its intention to open-source the implementation of this feature and provide a comprehensive technical whitepaper later this year to detail the underlying technology.
The sources for this piece include an article in BBC.