In a new support document, Twitter has detailed what you’ll be able to count on from the primary model of the platform’s encrypted direct messages. Maybe most notably, to have the ability to ship and obtain encrypted messages, you’ll should pay Twitter for the flexibility to take action. Platforms like WhatsApp, Messenger, Sign, and iMessage already supply encrypted messaging totally free, so having to pay for the characteristic on Twitter could be a tough capsule to swallow.
In keeping with the doc, encrypted DMs are solely out there if you’re a verified consumer (anyone who pays for Twitter Blue), a verified group (a corporation that pays $1,000 per month), or an affiliate of a verified group (which prices $50 per month per person). Each the sender and recipient have to be on the newest model of the Twitter app (on cellular and internet). And an encrypted DM recipient should comply with the sender, have despatched a message to the sender up to now, or settle for a DM request from the sender in some unspecified time in the future.
If you’re an individual who can ship encrypted messages to anyone who can obtain them, you’ll see a lock toggle when you’re drafting a message. In an encrypted dialog, you’ll additionally see a small lock icon subsequent to the avatar of the individual you’re chatting with. Encrypted DMs might be separate from unencrypted ones.
Encrypted DMs at the moment have a couple of limitations and a really massive flaw. You’ll be able to solely ship them in one-on-one conversations; Twitter says it’s going to “quickly” deliver the characteristic to teams. You’ll be able to solely ship textual content and hyperlinks. And Twitter warns that it doesn’t have protections towards man-in-the-middle assaults. “Consequently, if somebody — for instance, a malicious insider, or Twitter itself because of a obligatory authorized course of — had been to compromise an encrypted dialog, neither the sender or receiver would know,” Twitter says.
The corporate is planning mechanisms to make man-in-the-middle assaults tougher and alert customers if one occurs. “As Elon Musk mentioned, in relation to Direct Messages, the usual needs to be, if somebody places a gun to our heads, we nonetheless can’t entry your messages,” the corporate wrote. “We’re not fairly there but, however we’re engaged on it.”
Twitter additionally notes that whereas messages and reactions to encrypted DMs are encrypted, “metadata (recipient, creation time, and so on.) aren’t, and neither is any linked content material (solely hyperlinks themselves, not any content material they discuss with, is encrypted).”
Encrypted DMs appear to be a precedence for Musk; it’s a characteristic he spelled out as a part of “Twitter 2.0” for workers in November. However blue checkmarks are already unpopular sufficient, and I doubt that forcing you to pay for an vital characteristic you’ll be able to simply get totally free elsewhere goes to enhance their popularity.