Matthew Garrett on Nostr: Twitter's new encrypted DM system stores your private key material on Twitter-owned ...
Twitter's new encrypted DM system stores your private key material on Twitter-owned services, protected with nothing more than a 4-digit PIN. If hostile, or if legally compelled to, Twitter could easily decrypt all your messages. It's also MITMable and doesn't secure metadata. Use Signal.
https://mjg59.dreamwidth.org/71646.html
Published at 2025-06-05 11:12:20 UTC
Event JSON
{
"id": "b0d03f3b45f36d102c027d3f2ba9c1a67885056a8d71df4adb925af26abbcb9b",
"pubkey": "90526f218e9e8ff28dc76e5348fedf9390f233c9994ab0344624f47b28a13a36",
"created_at": 1749121940,
"kind": 1,
"tags": [
[
"proxy",
"https://nondeterministic.computer/@mjg59/114630455502269721",
"web"
],
[
"proxy",
"https://nondeterministic.computer/users/mjg59/statuses/114630455502269721",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://nondeterministic.computer/users/mjg59/statuses/114630455502269721",
"pink.momostr"
],
[
"-"
]
],
"content": "Twitter's new encrypted DM system stores your private key material on Twitter-owned services, protected with nothing more than a 4-digit PIN. If hostile, or if legally compelled to, Twitter could easily decrypt all your messages. It's also MITMable and doesn't secure metadata. Use Signal.\n\nhttps://mjg59.dreamwidth.org/71646.html",
"sig": "2ad89845a667d6ee050987ecab69df2310814c8a439ffee2754e79becda41cc6314867045a840b06043d35f582ef75cd785b819f0b4a2cc2f0e44d49ddd6808d"
}