Elon Musk's long-promised launch of encrypted direct messages on Twitter has arrived. Like most attempts to add end-to-end encryption to a massive existing platform—never an easy proposition—there's good, bad, and ugly. The good: Twitter has added an optional layer of security for a small subset of its users that has never existed in Twitter's 16-plus years online. As for the bad and ugly: Well, that list is quite a lot longer.
Late yesterday, Twitter announced the release of encrypted direct messages, a feature Musk had assured users was coming from his very first days running the company. To Twitter's credit, it accompanied the launch with a help center article that breaks down the feature's strengths and weaknesses with unusual transparency. And as that article points out, there are plenty of weaknesses.
In fact, the company appears to have stopped short of calling the feature "end-to-end" encrypted, the term that means only the users at the two ends of a conversation can read the messages, not hackers, government agencies eavesdropping on the network, or even Twitter itself.
"As Elon Musk said, when it comes to Direct Messages, the standard should be, if someone puts a gun to our heads, we still can’t access your messages," the help center page reads. "We’re not quite there yet, but we’re working on it."
The description of Twitter's encrypted messaging feature that follows that initial caveat reads almost like a laundry list of the most serious flaws found across existing end-to-end encrypted messaging apps, now combined into one product, along with a few flaws that are all its own.
The encryption is opt-in rather than on by default, a choice for which Facebook Messenger has been criticized. It explicitly doesn't prevent "man-in-the-middle" attacks, in which Twitter itself could invisibly hand a user a substituted public key and read messages while both people believe they are talking only to each other; users have no way to verify each other's keys, long considered the most serious flaw in Apple's iMessage encryption. It lacks "perfect forward secrecy," the property that keeps previously sent messages unreadable even if a device's long-term keys are later compromised. It doesn't support group conversations or even sending photos or videos. And perhaps most seriously, it currently restricts this subpar encrypted messaging system to verified users messaging each other (most of whom must pay $8 a month), vastly limiting the network that might use it.
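The two properties the paragraph above says Twitter's DMs lack, key verification against a server that substitutes a public key and forward secrecy against a later key compromise, are easier to reason about in code. The following is an added example written for this article, not Twitter's protocol or any code from the company: it uses textbook finite-field Diffie-Hellman over the RFC 3526 2048-bit MODP group and a toy HMAC-SHA256 keystream cipher so that it runs on Python's standard library alone, and the names `run_demo`, `fingerprint`, `static_key` and `ephemeral_key` are this example's own. It shows that a fingerprint compare catches a swapped key that the math itself would happily accept, and that a recorded conversation under a key derived from long-term keys alone becomes readable once one private key leaks, while one keyed from discarded ephemeral keys does not.

```python
"""Constructed demo, not Twitter's code: key verification and forward secrecy in an
E2EE messenger.  Textbook finite-field Diffie-Hellman over the RFC 3526 2048-bit
MODP prime (group 14) and a toy HMAC-SHA256 keystream cipher keep it stdlib-only;
real messengers use X25519 and an AEAD, but the key-handling lessons are the same."""
import hashlib
import hmac
import secrets

P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
    "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
    "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
    "15728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
G = 2

def keygen():
    """Fresh DH key pair, used for long-term identity keys and per-session ephemerals."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def dh(priv, peer_pub):
    return pow(peer_pub, priv, P).to_bytes(256, "big")

def fingerprint(pub):
    """A 'safety number' in miniature: a short key hash two people compare out of band."""
    return hashlib.sha256(pub.to_bytes(256, "big")).hexdigest()[:16]

def kdf(label, *shared):
    h = hashlib.sha256(label)
    for s in shared:
        h.update(s)
    return h.digest()

def keystream(key, nonce, length):
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return out[:length]

def encrypt(key, plaintext):
    """Toy encrypt-then-MAC, enough to test whether a key opens a recorded transcript."""
    nonce = secrets.token_bytes(12)
    ct = bytes(p ^ k for p, k in zip(plaintext, keystream(key, nonce, len(plaintext))))
    return nonce, ct, hmac.new(key, nonce + ct, hashlib.sha256).digest()

def decrypt(key, nonce, ct, tag):
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        return None  # wrong key: rejected before any plaintext is produced
    return bytes(c ^ k for c, k in zip(ct, keystream(key, nonce, len(ct))))

def static_key(my_priv, peer_pub):
    """No forward secrecy: every session's key comes from the long-term keys alone."""
    return kdf(b"static", dh(my_priv, peer_pub))

def ephemeral_key(my_priv, my_eph_priv, peer_pub, peer_eph_pub):
    """Forward secrecy: a fresh ephemeral DH (private halves discarded after the
    session) mixed with the static DH, a stripped-down version of the X3DH idea."""
    return kdf(b"ephemeral", dh(my_eph_priv, peer_eph_pub), dh(my_priv, peer_pub))

def run_demo():
    r = {}
    alice_priv, alice_pub = keygen()
    bob_priv, bob_pub = keygen()
    msg = b"meet at the usual place"  # constructed sample message

    # 1. Key substitution: the server hands Alice its own key instead of Bob's.
    #    Nothing in the math objects; only comparing fingerprints out of band does.
    _, server_supplied_key = keygen()
    r["mitm_detected"] = fingerprint(server_supplied_key) != fingerprint(bob_pub)

    # 2. Static keys: record the ciphertext now, steal Alice's long-term key later.
    nonce, ct, tag = encrypt(static_key(alice_priv, bob_pub), msg)
    stolen_priv = alice_priv  # device compromise at any later date
    r["static_recovered"] = decrypt(static_key(stolen_priv, bob_pub), nonce, ct, tag)

    # 3. Ephemeral keys: same theft, same transcript (both ephemeral public keys
    #    went over the wire), but the ephemeral private keys no longer exist.
    a_eph_priv, a_eph_pub = keygen()
    b_eph_priv, b_eph_pub = keygen()
    k_alice = ephemeral_key(alice_priv, a_eph_priv, bob_pub, b_eph_pub)
    k_bob = ephemeral_key(bob_priv, b_eph_priv, alice_pub, a_eph_pub)
    r["keys_agree"] = k_alice == k_bob
    nonce, ct, tag = encrypt(k_alice, msg)
    del a_eph_priv, b_eph_priv
    # The attacker holds the static half only; without dh(a_eph, b_eph) no key
    # it can build passes the tag check.
    guess = kdf(b"ephemeral", dh(stolen_priv, bob_pub))
    r["ephemeral_recovered"] = decrypt(guess, nonce, ct, tag)
    return r
```

Running `run_demo()` returns the substituted key as detected, the static-key transcript recovered in full, and `None` for the ephemeral-key transcript. Two caveats carry over to real systems: a fingerprint compare only helps if the app exposes it and people actually do it, and production protocols such as Signal's X3DH plus Double Ratchet go further than this sketch by ratcheting keys per message, so that even a leaked session key exposes only a bounded window of traffic.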