Why it matters: It’s been a wild ride since the announcement of Elon Musk’s purchase of Twitter. The SpaceX and Twitter CEO has been anything but shy about voicing his opinion on Twitter’s practices as they relate to content moderation. Earlier this week, the tech pioneer made his stance on message encryption very clear when he tweeted that Twitter DMs should be encrypted end-to-end, much like Signal and other secure messaging platforms.
Musk made the statement only a few days after entering into the agreement to buy the popular social media platform. Implementing end-to-end encryption (E2EE) supports Musk’s goals for the platform, which include improving Twitter with “…new features, making algorithms open-source to increase trust, defeating the spam bots, and authenticating all humans.”
Twitter DMs should have end to end encryption like Signal, so no one can spy on or hack your messages
— Elon Musk (@elonmusk) April 28, 2022
In its current state, any direct message sent between Twitter users is viewable by the sender, the recipient, and any Twitter administrators with the required level of system access. What does this mean to the average user? Your direct messages, which are typically intended to be private between parties, are not private at all. They can be pulled and viewed at any time by the 3rd party (in this case, Twitter’s admins). The ability to access these messages means they are accessible for anything from replies to law enforcement requests to hackers and malicious actors wishing to exploit or cause harm to the senders, recipients, and other parties referenced in the messages.
E2EE helps to prevent these 3rd parties from inappropriately accessing private messages. Instead, messages are converted to ciphertext, making them useless to anyone accessing or intercepting the message. The ciphertext can only be decrypted when the sender and receiver have the right cryptographic keys to decrypt the original message. This encryption is intended to keep the data’s confidentiality, integrity, and availability, known as the CIA triad.
Proponents of online privacy welcome E2EE and the protections that it provides. Other users, ranging from world governments to charity and special interest groups, feel that E2EE goes too far and helps to hide criminal activity and protect those engaged in it. The only certainty today is that the lines around online privacy are, and will likely continue to be, anything but clear.
Image credit: What is E2EE courtesy of Heimdal Security