Just use PGP everywhere, it doesn't matter where you chat then.
this post was submitted on 29 May 2025
468 points (98.3% liked)
Technology
70461 readers
2394 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
They misspelled "backdoors."
I thought they disabled DMs when some influencer refused to have Elon Musk’s babies and shared her DMs with a friend
I would not trust any company/website to properly encrypt any important messages in the first place so I don't care whether they add a backdoor (and I've never had a Twitter account anyway).
..but it sounds like a really shitty development/release process to me. Why would you disable something while whatever is to come in its place is not ready yet?
Why not do the development first and then migrate when it's actually ready lol
There may be several reasons for this. If I had to guess, they found a critical flaw and had to shut it down for security reasons.
while we work on making improvements
🤣
The fact that he tried to make it like there is a reasonable reason is delightful.
"Improvements" = Adding backdoors to their encryption for agency spying networks.
This is how that works.
I'm more than confident that Twitter already had a backdoor for encrypted DMs.
However, I would bet cash money that the current administration has lost the institutional knowledge of how to use it. So they're having to reinvent the wheel, most likely by injecting a bunch of new bugs and sloppily implemented hacks.
I just like the idea that previous administrations just delete all of the documentation on the way out, rather like a fired sysadmin worker deleting all their automation scripts. "Work it out for yourself"
They need to add a backdoor
that is my first thought as well.
"Shoot we didn't take into consideration that GROK will need to be able to see these somehow, so now we need to redo it"
Bold of you to assume they weren't already able to do it
I mean fair, but when Encrypted DM went live, Twitter was just starting to get into the AI field, and it was amidst a very uncertain state at that time, so I wouldn't be surprised if they haden't even thought of it.
I just assumed it was elon trying decrypt old messages to make trump people happy so they go after individuals
a? as in one?
every agency gets their own key.
People need to stop going on Twitter....
Lemmy instance admins don't even need a backdoor to read your "private" messages btw.
Obviously...
Like, you understand someone has to monitor that shit, right?
Do people think social media DMs are supposed to be secure?
I mean, ones that are E2E encrypted are.....
Like, you understand someone has to monitor that shit, right?
No, they don't if they're encrypted.
So… they’re definitely adding some spying capabilities.
100%. If it was purely a migration, it wouldn't need to have downtime. There's ways to replay events and eventually catch a system up (eventual consistency models).
This feels more like they're adding backdoor into their encryption algorithms for government agencies.
Given who musk is, and what he's done the last year and who he's hanging out with in this admin, that's a near sure thing.
I doubt this is news to most folks on the Fediverse, but don’t trust Twitter, Facebook, or any company whose business model is advertising to secure your private conversations.
Even if they aren’t up to no good today, it is only a matter of time until they come for your messages.
As it happens, you shouldn’t trust Lemmy DMs either, as they’re not encrypted and can be read by instance administrators. So don’t use them to say anything that you wouldn’t be okay making public.
this should be the default stance when using any built in encryption. always separate the mode of encryption from the mode of transmission.
Someone told me they are public some months ago? Like if someone wanted to look up your lemmy DMs they could.
There was an exploit in version 0.17.0 through 0.19.0 (fixed in 0.19.1) that, from what I understand, allowed people to view DMs of anyone by reporting them, but as you can't know the ID of a given DM you're not part of, they couldn't really target a specific user, but rather would just send reports to a range of potential IDs and see what comes back.
I’ve been hearing a lot of straight up adverts about WhatsApp recently, which I found interesting.
I saw a WhatsApp ad on Prime. And it was focused on the encryption aspect. "WhatsApp can't even read your messages" or whatever. Was weird.
I’m hearing a lot of that on the radio.
load more comments
(2 replies)
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⣤⣤⣤⣤⣤⣶⣦⣤⣄⡀⠀⠀⠀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⢀⣴⣿⡿⠛⠉⠙⠛⠛⠛⠛⠻⢿⣿⣷⣤⡀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⣼⣿⠋⠀⠀⠀⠀⠀⠀⠀⢀⣀⣀⠈⢻⣿⣿⡄⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⣸⣿⡏⠀⠀⠀⣠⣶⣾⣿⣿⣿⠿⠿⠿⢿⣿⣿⣿⣄⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⣿⣿⠁⠀⠀⢰⣿⣿⣯⠁⠀⠀⠀⠀⠀⠀⠀⠈⠙⢿⣷⡄⠀
⠀⠀⣀⣤⣴⣶⣶⣿⡟⠀⠀⠀⢸⣿⣿⣿⣆⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣷⠀
⠀⢰⣿⡟⠋⠉⣹⣿⡇⠀⠀⠀⠘⣿⣿⣿⣿⣷⣦⣤⣤⣤⣶⣶⣶⣶⣿⣿⣿⠀
⠀⢸⣿⡇⠀⠀⣿⣿⡇⠀⠀⠀⠀⠹⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡿⠃⠀
⠀⣸⣿⡇⠀⠀⣿⣿⡇⠀⠀⠀⠀⠀⠉⠻⠿⣿⣿⣿⣿⡿⠿⠿⠛⢻⣿⡇⠀⠀
⠀⣿⣿⠁⠀⠀⣿⣿⡇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣿⣧⠀⠀
⠀⣿⣿⠀⠀⠀⣿⣿⡇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣿⣿⠀⠀
⠀⣿⣿⠀⠀⠀⣿⣿⡇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣿⣿⠀⠀
⠀⢿⣿⡆⠀⠀⣿⣿⡇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣿⡇⠀⠀
⠀⠸⣿⣧⡀⠀⣿⣿⡇⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣿⠃⠀⠀
⠀⠀⠛⢿⣿⣿⣿⣿⣇⠀⠀⠀⠀⠀⣰⣿⣿⣷⣶⣶⣶⣶⠶⠀⢠⣿⣿⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⣿⣿⠀⠀⠀⠀⠀⣿⣿⡇⠀⣽⣿⡏⠁⠀⠀⢸⣿⡇⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⣿⣿⠀⠀⠀⠀⠀⣿⣿⡇⠀⢹⣿⡆⠀⠀⠀⣸⣿⠇⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⢿⣿⣦⣄⣀⣠⣴⣿⣿⠁⠀⠈⠻⣿⣿⣿⣿⡿⠏⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠈⠛⠻⠿⠿⠿⠿⠋⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
They're being rerouted to a more "secure" storage facility. I believe it's Kaspersky's.
Is not Kaspersky part of the US government embargo on Russian companies?
Oh man I may have to stop using this fascist propaganda service now.
Three years later…
"With the latest update, you are now unable to read any encrypted PMs before may 2025. Sorry for the inconvenience."
More like, "for your convenience, we have decrypted all of your encrypted PMs before May 2025 and included them in this plaintext document"
"We are excited to announce the new encrypted messaging feature that is going to be released soon™"
elon is the dumbest "genius" ever 🤦♂️
he's just rich but likes to pretend smart
I think there was a once a time in which he did some smart stuff (although he gets a ton a credit for stuff his employies do), but since he starting taking all those drugs he became actually insane and stupid
like theres actually no benefit of any sort to do a fucking Nazi salute
Do people really use DMs there?
For spamming ads and scams to people? Absolutely.
Before too many more conspiracy theorists jump in - it looks like they're replacing encrypted DMs with "chat" where EVERYTHING is encrypted:
https://x.com/P4mui/status/1927829200599224624
They're moving to IRC?
Last update 2010. Makes me sad. Good times using IRC, I should find a modern program and get back on there.
irssi
Damn. That's probably the last time I used it, too.
Haha yeh that person probably should have seen if XChat was already taken, but you know what they meant.
Will they be using a modern encryption protocol this time?
view more: next ›