Privacy and security experts widely panned a new feature that Twitter unveiled Wednesday that encrypts some direct messages between users, raising questions about the future of user safety on the platform.
Twitter’s early efforts at securing direct messages with encryption appear to be riddled with caveats, flaws and risks that may endanger users, the experts said after the company rolled out its initial release.
With the first iteration of the feature, only users who are paying subscribers to Twitter Blue or whose organizations have paid to be verified with the company may use encrypted messages.
In addition, encrypted messages may only be sent between two individuals, not groups. Encrypting images, video and other media is not supported. Both participants must either have exchanged direct messages in the past, or the recipient of an encrypted message must already follow the sender.
Perhaps most crucially, Twitter acknowledged that even with the encryption feature enabled, the company itself, and other third parties, can still potentially access user messages.
“I’m trying to be positive about Twitter deploying encrypted DMs even though there are so many things about this system that make it feel like a v0.1 release, or are just obnoxious,” said Matthew Green, a cryptographer and computer science professor at Johns Hopkins University, in a tweet.
Twitter’s former chief information security officer, Lea Kissner, publicly pleaded with Twitter’s current engineering team to improve the feature quickly.
“Twitter folks, seriously. I left some design docs somewhere. Please use them,” Kissner said on Bluesky, a rival platform.
Twitter has described encrypted messaging as key to the company’s future of becoming “the most trusted platform on the internet.” But the rollout provides another example of how, under CEO Elon Musk, Twitter has forged ahead with significant changes to the platform over the warnings of independent researchers about potential unintended consequences stemming from incomplete or poorly implemented updates.
In a blog post Wednesday, Twitter said users of its latest app will be eligible to participate in encrypted direct messages. And it announced that its goal is to provide a similar level of protection as other privacy-preserving apps that come highly recommended by security experts, such as Signal.
“The standard should be, if someone puts a gun to our heads, we still can’t access your messages,” the blog post said. “We’re not quite there yet, but we’re working on it.”
But the company also acknowledged the feature’s limitations, including the fact that the new encryption option does “not offer protections against man-in-the-middle attacks.”
“As a result, if someone — for example, a malicious insider, or Twitter itself as a result of a compulsory legal process — were to compromise an encrypted conversation, neither the sender or receiver would know,” Twitter’s blog post said.
The lack of so-called end-to-end encryption makes Twitter’s implementation largely meaningless, security experts said.
“The ENTIRE PURPOSE of End-to-end encryption is to protect you against whoever controls the messaging servers,” said Marcus Hutchins, also known as MalwareTech, on Bluesky.
John Scott-Railton, a cybersecurity and disinformation researcher, tweeted that this caveat means it is “not safe for anyone worried about privacy & safety to assume that this has equivalent protections to things like [Signal].”
Twitter’s new feature also encrypts messages at the conversation level, not each individual message. That means that if a malicious actor gained unauthorized access to the keys, they could view the entire message chain. A stronger approach would be to assign each message its own encryption key, a feature that already exists in other apps.
Jonathan Mayer, a computer scientist at Princeton University and a former chief technologist of the Federal Communications Commission, said Twitter’s version of encryption would fail basic principles taught in an Information Security 101 course.
“We literally teach the students not to do exactly what Twitter is doing,” Mayer said.
One of the feature’s biggest dangers to users is that they could come away with a false sense of security, Hutchins added, which would be far worse than Twitter offering no encryption at all, because users may be lulled into sharing more in Twitter messages than they otherwise would.
In an apparent response to the wave of criticism, Musk tweeted early Thursday: “Try it, but don’t trust it yet.”