X

Twitter may be tinkering with encrypted direct messages

A researcher finds Android APK code for a "Secret Conversation" feature that would offer end-to-end encryption.

Steven Musil Night Editor / News
Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.
Expertise I have more than 30 years' experience in journalism in the heart of the Silicon Valley.
Steven Musil
2 min read
Leon Neal / Getty Images

Twitter may be working on beefing up the security of messages sent directly between users, according to code spotted in the app's developer tools.

The feature, dubbed "Secret Conversation" in the Android APK, appears to allow users to trade encrypted direct messages, putting it in competition with secure messaging apps like Signal, Telegram or WhatsApp. The code was first spotted by Jane Manchun Wong, a computer science student at the University of Massachusetts Dartmouth.

Wong first revealed her discovery in a tweet Thursday, saying: "Twitter is working on End-to-End Encrypted Secret DM!" and posting a screenshot of the feature.

Twitter's popular direct message feature allows users to send messages to each other, regardless of whether they follow each other on the social networking platform. The feature allows users to trade messages without having to establish a connection beforehand.

Encryption scrambles data and only lets a person with the correct passcode have access. Tech firms and privacy advocates argue that encryption is essential to secure personal information and communications. Government and law enforcement officials counter that encryption hurts their ability to investigate criminal and terrorist activity.

Encryption gained a lot of scrutiny two years ago during Apple's public battle with the FBI over a request to help unlock an encrypted iPhone used in a terrorist attack. And after Democratic Party emails were hacked, Hillary Clinton and others working on her presidential campaign adopted Signal.

Last month, Iranian authorities ordered internet service providers in Iran to block access to Telegram, a secure messaging service linked to organizers of deadly anti-government protests. The app, which is used by roughly half the country's population, has grown in popularity recently due to its reputation for being immune from government surveillance.

As pointed out by TechCrunch, which first reported the discovery, APKs often contain code for unlaunched features being quietly tested. CNET couldn't independently verify the presence of the feature's code, and Twitter declined to comment.

Cambridge Analytica: Everything you need to know about Facebook's data mining scandal.

iHate: CNET looks at how intolerance is taking over the internet.