X (formerly Twitter) is looking to redefine online communication by prioritizing user privacy with the introduction of Encrypted Direct Messages. After being caught up in many controversies over a long period of time, X is indicating that it is committed to becoming the most trusted platform on the internet. X has now employed robust cryptographic techniques, ensuring the confidentiality of messages. With plans to open source the implementation and a transparent approach to limitations, X is actively working towards a safer and more private online messaging experience. Here is how it works:
1. Encryption Process:
– X generates device-specific key pairs (private and public).
– Public keys are registered automatically upon login, while private keys remain on the device, never shared with X.
– Each conversation has a unique key for message content encryption.
2. Cryptographic Measures:
– Strong cryptographic schemes encrypt messages, links, and reactions before leaving the sender’s device.
– Encryption persists while stored on X’s infrastructure.
– Plans to open source the implementation with a technical whitepaper.
3. Eligibility Criteria for Users:
– Both sender and recipient must use the latest X apps (iOS, Android, Web).
– Verified users or affiliates of verified organizations.
– Connection criteria between sender and recipient must be met.
4. User Interface Differentiation:
– Encrypted conversations are visually distinct with a lock icon badge on the user’s avatar.
– Encryption status can be checked in the Conversation info page.
5. Device Registration and Management:
– Automatic registration for new devices; manual unregistration possible.
– Maximum of ten devices per user for encrypted messages.
– Unregistering a device deletes its Encrypted DMs history.
6. Limitations:
– Single-recipient messages only; group conversations feature under development.
– Support for text and links, excluding media.
– New devices can’t join existing encrypted conversations currently.
7. Security Measures in Development:
– Working on signature checks and safety numbers to prevent man-in-the-middle attacks.
– Future alert mechanisms for authenticity verification and device access verification.
8. Reporting and Blocking:
– Reporting encrypted messages not possible due to encryption; users advised to report account issues.
– Blocking option available in encrypted conversations.
9. Logout and Key Backup:
– Logout deletes messages on the current device but doesn’t erase private keys.
– Key backup feature planned for future implementation.
10. Limitations Acknowledgment:
– Forward secrecy not implemented due to user experience considerations.
– Encrypted message deletion only removes data from the deleting user’s account.
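Item 7 names safety numbers as a planned defence against man-in-the-middle attacks. The sketch below is an added example, not X's implementation (which the page says is yet to be open sourced): it derives a comparable number from both parties' device public keys with a hash construction assumed here for illustration, and shows that a key swapped in while being delivered makes the two users' numbers differ. The user ids, key bytes and function names are all constructed.

```python
import hashlib

def device_fingerprint(user_id: str, public_key: bytes, rounds: int = 1000) -> str:
    """30 decimal digits bound to one user id and one device public key."""
    digest = public_key
    for _ in range(rounds):  # iterated hashing raises the cost of hunting for a look-alike key
        digest = hashlib.sha512(digest + public_key + user_id.encode()).digest()
    groups = [int.from_bytes(digest[i:i + 5], "big") % 100000 for i in range(0, 30, 5)]
    return "".join(f"{g:05d}" for g in groups)

def safety_number(my_id: str, my_key: bytes, peer_id: str, peer_key: bytes) -> str:
    """Order-independent number both users can read aloud and compare."""
    halves = sorted([device_fingerprint(my_id, my_key),
                     device_fingerprint(peer_id, peer_key)])
    joined = "".join(halves)
    return " ".join(joined[i:i + 5] for i in range(0, len(joined), 5))

# Constructed 32-byte stand-ins for device public keys (not real key material).
ALICE_KEY = hashlib.sha256(b"constructed alice device key").digest()
BOB_KEY = hashlib.sha256(b"constructed bob device key").digest()
SUBSTITUTED_KEY = hashlib.sha256(b"constructed key injected in transit").digest()

def both_views(key_alice_receives_for_bob: bytes):
    """Return (Alice's number, Bob's number) for one conversation."""
    alice_view = safety_number("alice", ALICE_KEY, "bob", key_alice_receives_for_bob)
    bob_view = safety_number("bob", BOB_KEY, "alice", ALICE_KEY)
    return alice_view, bob_view

def keys_verified(key_alice_receives_for_bob: bytes) -> bool:
    """True only when both users end up looking at the same safety number."""
    alice_view, bob_view = both_views(key_alice_receives_for_bob)
    return alice_view == bob_view

if __name__ == "__main__":
    print("honest key delivery:", keys_verified(BOB_KEY))
    print("substituted key    :", keys_verified(SUBSTITUTED_KEY))
```

The comparison only helps if the two users check the numbers over a channel the key-distributing party does not control, such as in person or by voice.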
In summary, X is indicating that it is committed to user privacy with encrypted direct messages, actively addressing limitations, and seeking user feedback for continuous improvement.
Source: https://help.twitter.com/en/using-x/encrypted-direct-messages