News
Twitter’s encrypted DM feature is a mess, and you shouldn’t trust it
A Twitter employee claimed they Twitter’s encrypted DM feature is safe. But, people on the inside say there tell a different story.
Twitter recently launched a new feature for Twitter Blue users: encrypted DMs. But it is still far from being a refined product, which Twitter CEO Elon Musk and the company fully admit.
An official quote from Twitter states:
Currently, we do not offer protections against man-in-the-middle attacks. As a result, if someone – for example, a malicious insider, or Twitter itself as a result of a compulsory legal process – were to compromise an encrypted conversation, neither the sender or receiver would know.
Public and private keys are required to access encrypted messages, like Twitter’s encrypted DMs. Unfortunately, this method isn’t perfect, and people have discovered vulnerabilities like man-in-the-middle attacks.
A man-in-the-middle attack (MITM) is a cyberattack in which attackers secretly relay and possibly alter the communications between two parties. These people believe they are directly communicating with each other. However, the attacker is still able to read the contact.
Imagine you and your friend are talking on walkie-talkies, but a hacker in the middle listens to everything you both say. This person pretends to be you when talking to your friend and pretends to be your friend when talking to you. You both think you’re talking directly to each other, but the hacker controls the whole conversation. That’s what a MITM attack is like
Security researcher Matthew Garrett recommends that users use WhatsApp or Signal instead. This is the man who discussed these security issues with Christopher Stanley, a lead security engineer for Twitter.
Twitter was supposed to have the feature audited by a security firm, and even though one of its employees said it was tested, sources claim Twitter never signed a contract, which leads most to believe the test never happened.
Yea, it’s an absolute mess, we know.
According to Platformer, sources within Twitter stated that layoffs were why the audit never took place. Twitter and the security firm still have yet to comment on the situation.
Have any thoughts on this? Drop us a line below in the comments, or carry the discussion over to our Twitter or Facebook.
Editors’ Recommendations:
- Elon Musk teases a new Twitter CEO, what is he hiding?
- Airlines abandon Twitter customer service amid high API fees
- What is Bluesky? And does it have the potential to be a Twitter killer?
- Elon Musk & Twitter: a definitive timeline
Follow us on Flipboard, Google News, or Apple News
Buying Guide
The best wireless earbuds (2023)
Buying Guide
Here are the best STEM toys on the market today
Powerful ideas in 15 minutes
Join now and start upleveling your small talk game. Get access to over 5,000 book titles alongside 20 million other readers.
Trusted by 80,000+ businesses globally.
Elevate your scheduling with Calendar.com, your ultimate team tool. Create custom time slots, share your unique link, and let contacts book meetings with ease.
Turn your Airtable or Google Sheets into modern business tools you need.
Softr lets you stop waiting for developers. Build software without devs. Blazingly fast. Trusted by 100,000+ teams worldwide. Stop waiting for developers..
Learn AI in 5 Minutes a Day
We'll teach you how to save time and earn more with AI. Join 70,000+ free daily readers for trending tools, productivity-boosting prompts, the latest news, and more.
