Twitter has been undergoing a rapid transformation ever since Elon Musk took over the reins of the company. Just yesterday, Musk announced a bunch of new updates, including emoji reactions and message threads, for Direct Messages on its platform. While making the announcement, Musk had hinted towards the possibility of the company rolling out ‘encrypted DMs V1.0’ later this week. “The acid test is that I could not see your DMs even if there was a gun to my head,” he had said at the time. Now, just a day later, the company has announced the availability of encrypted direct messages or encrypted DMs on its platform. Also Read - Twitter introduces Twitter API Pro for startups: Check price, features
So, what are encrypted DMs?
Encrypted Direct Message are essentially regular messages that are protected by an encryption technique, which makes it difficult for anyone to snoop in on a user’s chats. Twitter says that encrypted DMs will appear as separate conversations alongside a user’s existing DMs in their inbox. Also Read - New Twitter bug is restoring deleted tweets for hundreds of users
Encrypted DMs are visually differentiated from regular chats through a lock icon badge on the avatar. The badged avatar shows up in both the inbox and conversation views. Also Read - Twitter to get 15-second forward, picture-in-picture mode next week, says Elon Musk
How do encrypted DMs work?
Explaining how this feature works, Twitter said that the latest version of Twitter apps on iOS, Android, and Web generate a pair of device specific keys — a private key, which never leaves the device and therefore is never communicated to Twitter, and a public key, which is automatically registered when a user logs into Twitter on a new device or browser. In addition to the private and public keys, there is a per conversation key that is used to encrypt the content of messages. The private-public key pairs are used to exchange the conversation key securely between participating devices.
“We employ a combination of strong cryptographic schemes to encrypt every single message, link, and reaction that are part of an encrypted conversation before they leave the sender’s device and remain encrypted while stored on Twitter’s infrastructure. Once messages are received by the recipient devices, they are decrypted so that they can be read by the user,” Twitter explained.
But, not everyone can use encrypted DMs!
Twitter says that users need to meet a bunch of conditions in a bid to be able to send or receive encrypted DMs. Here’s the check list:
— Both the sender and the receiver of the encrypted message are verified users or affiliates to a verified organization.
— The recipient follows sender, or has sent a message to sender previously, or has accepted a Direct Message request from the sender before.
Simply put, only verified Twitter users who have sent a direct message to each other in the past can use this feature.
Not everything works though!
Twitter, in the blog post, has explained all the limitations associated with encrypted DMs. Here’s a more detailed list:
— For now, encrypted messages can only be sent to a single recipient.
— An encrypted message can only include text and links; media and other attachments are not supported yet.
— Currently, new devices cannot join existing encrypted conversations.
— Currently Twitter is allowing a maximum of ten devices per user for encrypted messages.
— Currently, it is not possible to report an encrypted message to Twitter due to the encrypted nature of the conversation.
“If the private key of a registered device was compromised, an attacker would be able to decrypt all of the encrypted messages that were sent and received by that device. In other words, this implementation is not ‘forward secure’,” Twitter explained.