Twitter launches encrypted DMs – but Musk warns users NOT to trust it

Twitter launches encrypted DMs – but Elon Musk warns users NOT to trust the WhatsApp-style feature yet

  • Elon Musk warned Twitter users that its encryption features shouldn’t be trusted
  • Malicious Twitter insiders can currently get hold of encrypted conversations
  • These attacks could take place without the sender or receiver ever knowing  

Elon Musk has warned Twitter users that its new WhatsApp-style feature should not be trusted – after launching it just yesterday.

Encrypted messaging was released on Wednesday as part of Twitter’s goal to become he ‘most trusted platform on the internet’.

But Musk has now stressed the privacy feature is ‘not quite there yet’ despite his initial jokes that he could not view messages even with a ‘gun to [his] head’.

Twitter said: ‘As Elon Musk said, when it comes to Direct Messages, the standard should be, if someone puts a gun to our heads, we still can’t access your messages. We’re not quite there yet, but we’re working on it.’

Encryption converts messages into scrambled text that cannot be read by anyone except the intended recipient.

Elon Musk warned Twitter users that its new encryption features should not be trusted yet


End-to-end encryption ensures only the two participants of a chat can read messages, and no one in between – not even the company that owns the service.

End-to-end encryption is intended to prevent data being read or secretly modified when it is in transit between the two parties.

The cryptographic keys needed to access the service are automatically provided only to the two people in each conversation. 

In decrypted form, messages are accessible by a third party – which makes them interceptable by governments for law enforcement reasons.

Platforms like WhatsApp use this to protect personal privacy with messages, images and videos less likely to fall into the wrong hands.

But unlike WhatsApp’s free version, Musk’s firm is charging users more than £100/year to use this feature, which only comes as part of Twitter Blue.

For businesses, this figure is £795 plus extra costs for any affiliated businesses. 

This morning, Musk tweeted: ‘Early version of encrypted direct messages just launched. Try it, but don’t trust it yet.’ 

Twitter’s own feature does not yet protect users from ‘man-in-the-middle attacks’, meaning that malicious insiders could compromise encrypted conversations.

These attacks could go completely unnoticed, without the sender or receiver ever knowing that a hack occurred.

While the tech giant is currently working to fix this, it comes just days after Musk tweeted that ‘WhatsApp cannot be trusted’.

It was in response to a claim on Twitter that the Mark Zuckerberg-owned app listens to users, after a person found that WhatsApp had accessed their phone’s microphone while they slept.

In reply, WhatsApp blamed this on ‘a bug on Android’, but it didn’t stop Musk using the claim as another chance to take a dig at the platform and his rival Zuckerberg. 

Malicious Twitter insiders can currently get a hold of encrypted conversations on the platform

‘Man-in-the-middle attacks’ could take place without the sender or receiver ever knowing

Meanwhile, videos and images are unable to be sent using Twitter’s encryption tool, with recipient data also left open to viewing.

Twitter continued: ‘An encrypted message can only include text and links; media and other attachments are not supported yet. When users attempt to send media via an encrypted conversation, this action will not be completed.

READ MORE:  Is Twitter morphing into WhatsApp? MailOnline explores what Elon Musk’s platform could soon look like 

He often speaks of his disdain for WhatsApp, but is Elon Musk looking to morph Twitter into something similar? 

‘Reactions to encrypted messages are also encrypted. Also, while messages themselves are encrypted, metadata (recipient, creation time, etc.) are not, and neither is any linked content (only links themselves, not any content they refer to, is encrypted).’ 

The feature launch followed Musk’s announcement earlier this week, revealing that video and voice chat functions were ‘coming soon’ to the platform. 

This comes as part of Musk’s goal of making Twitter an ‘Everything App’, with a range of other features such as payments and longform tweets.  

But the launch of encrypted tweets has occurred at a risky time for the UK, with the Government’s Online Safety Bill on the horizon.

This legislation is pushing for tech giants to have more responsibility to find and remove illegal content on their platforms.

But WhatsApp is among numerous organisations to have written an open letter against its intentions. 

‘As end-to-end-encrypted communication services, we urge the UK Government to address the risks that the Online Safety Bill poses to everyone’s privacy and safety. It is not too late to ensure that the Bill aligns with the Government’s stated intention to protect end-to-end encryption and respect the human right to privacy,’ it reads.

The billionaire also unveiled that video and voice chat functions were ‘coming soon’ on May 10

‘Around the world, businesses, individuals and governments face persistent threats from online fraud, scams and data theft. Malicious actors and hostile states routinely challenge the security of our critical infrastructure. 

‘End-to-end encryption is one of the strongest possible defenses against these threats, and as vital institutions become ever more dependent on internet technologies to conduct core operations, the stakes have never been higher.’

How this will play into Twitter’s future is currently uncertain, however, Global Cybersecurity Advisor, Jake Moore, believes the UK will never ban encrypted messages.

He told MailOnline yesterday: ‘As more and more people become privacy conscious online, encrypted direct messaging is naturally more in demand and Twitter are essentially being forced into adding this feature. 

‘Without the use of encrypted messages, employees and advertisers have the opportunity of reading people’s messages which although can make Twitter a lot of money, it can be a huge security risk to those involved.  

‘I don’t think the Online Safety Bill will ever be able to eradicate encrypted messages due to the vital requirement of this feature to protect private communication. 

‘The OSB may attempt it further but I can’t see this happening. Many other big tech companies are suggesting they would pull out of the UK if such policies were to be introduced which have far bigger consequences.’

The encryption changes also come in the midst of numerous others that Musk has made during his time at Twitter.

 Pictured is a graphic showing how the two apps compare in terms of recent WhatsApp-like Twitter features announced

Just three days ago, Musk announced plans to ‘purge’ inactive accounts on Twitter, igniting a backlash among numerous social media users.

Less than a month before that, the Twitter CEO also removed the platform’s legacy blue ticks, raising fears about misinformation.

Mr Moore believes that too many changes could eventually push loyal fans away.

He said: ‘Twitter’s competitors are already fully engrossed in encrypted messaging as well as voice and video chat functionality so this is the next obvious step.

‘As numbers go, the likes of Meta, Snap and TikTok are dominating over Twitter and therefore to recoup some of the losses in the purchase of the site, Musk needs to align the platform as a better rival.

‘However, too many changes can have the opposite effect and could push more loyal fans away like we have previously seen. Many other similar sites to Twitter such as BlueSky and Mastadon are simply waiting on the sidelines for users to migrate over. 

‘So, Musk will have to be careful not to ruin the essence of what has made the platform what it is today.’

Timeline of Elon Musk’s eventful time at Twitter so far 

October 27: Musk is officially made the new owner of Twitter, and tweets ‘the bird is freed’.

November 1: Musk confirms plans to change the system of ‘Blue Tick’ verification on Twitter, for a reduced subscription fee of $8 a month.

November 4: Musk lays off half of Twitter’s workforce as an alleged cost-cutting measure, claiming he had ‘no choice’. 

November 9: Musk launches the ‘Twitter Blue’ subscription service which verifies accounts for a monthly fee.

November 11: The Twitter Blue service is paused due to accounts purchasing verification and using it to impersonate brands and public figures.

November 12: Musk fires 80 per cent of Twitter contractors without warning.

November 15: Musk fires employees that posted negatively about him on the business messaging app Slack. The lawsuit between Musk and Twitter is dismissed.

November 16:  Twitter staff are told they need to sign a pledge to be able to stay on in their roles where they would be ‘working long hours at high intensity’ or receive three months of severance pay, resulting in a mass exodus.

November 18: A news-ticker was projected onto Twitter HQ in San Francisco dubbing Musk as a ‘space Karen’, ‘mediocre manchild’ and ‘bankruptcy baby’.

November 23: A Twitter user reported that 5.4 million phone numbers and email addresses leaked on the dark web, before his account was suspended. 

November 26: Financial Times revealed that 50 of the platform’s top 100 advertisers have paused their ads.

November 29:  Platformer reported that Twitter is in the process of reinstating around 62,000 banned accounts that each have more than 10,000 followers.

December 12: Twitter Blue is re-launched with new Blue Tick reviewing process.

January 11: Twitter starts automatically redirecting users to the ‘For You’ tab – its algorithmic feed of tweets – every time they open the app. 

February 8: Twitter expands the character limit to 4,000 for Twitter Blue subscribers in the US. Shortly after, the site encounters technical difficulties. 

May 8: Elon Musk announced that Twitter is ‘purging’ inactive accounts

May 10: Elon Musk announces the launch of encrypted messaging  

Source: Read Full Article