X's new "encrypted" XChat feature doesn't seem to be any more secure


Elon Musk's X social media platform is rolling out a new version of its direct messaging feature that the platform owner said had a "whole new architecture," but as with many a Muskian proclamation, there's reason to doubt what's been said. 

Dubbed "XChat" (not to be confused with the venerable Linux/Windows IRC app of the same name), Musk informally announced the feature on Sunday, a few days after the company formerly known as Twitter paused encryption on messaging to make "some improvements."

Musk's declaration, however, didn't reveal much about the nature of the changes, and has been enough to cause some encryption experts to doubt what was stated by the world's richest man. 

"All new XChat is rolling out with encryption, vanishing messages and the ability to send any kind of file," Musk said in a tweet. "Also, audio/video calling.

"This is built on Rust with (Bitcoin style) encryption, whole new architecture," Musk added. And here's where the skeptics and cryptocurrency fans in the digital town square pounced: There ain't no encryption on the Bitcoin blockchain. 

As reported by crypto news site Coindesk, experts have been quick to point out that, while there's plenty of cryptography and digital signing involved in Bitcoin, the blockchain itself isn't encrypted, and there really isn't such a thing as "Bitcoin style encryption." 

In other words, it's worth questioning whether XChat is going to be encrypted in the way most people think of encrypted chat: end-to-end encryption (E2EE) that renders messages completely unreadable by anyone who might happen to snoop on them, be it an illicit intermediary or the platform that hosts the messages itself. That's how Signal and Meta-owned WhatsApp work.

As was the case in 2023, when then-Twitter first announced encrypted messages under owner Elon Musk, it doesn't appear that XChat will offer true E2EE. The help page, which was updated with the launch of the service, still warns "currently, we do not offer protections against man-in-the-middle attacks" and says that Twitter itself, "as a result of a compulsory legal process," could compromise so-called encrypted DMs on the platform without the sender or receiver being aware.
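As an added illustration (not from the article, and not X's code or protocol), the Python sketch below shows what protection against a man-in-the-middle amounts to in a key-exchange-based chat: if the service that relays public keys swaps in its own, it can derive the same message key as the user, and only a fingerprint of both keys compared outside the service reveals the swap. The toy Diffie-Hellman parameters, the function names and the fingerprint format are assumptions made for this example.

```python
import hashlib
import secrets

# Toy Diffie-Hellman group, assumed for illustration only; far too small for real use.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private, public) for the toy group."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def shared_key(priv, peer_pub):
    """Derive a message key from our private key and the peer's public key."""
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(16, "big")).digest()

def safety_number(pub_a, pub_b):
    """Order-independent fingerprint of both public keys, short enough to
    read aloud or compare in person, outside the messaging service."""
    low, high = sorted((pub_a, pub_b))
    digest = hashlib.sha256(low.to_bytes(16, "big") + high.to_bytes(16, "big")).hexdigest()
    return " ".join(digest[i:i + 5] for i in range(0, 30, 5))

def exchange(relay_substitutes):
    """Simulate one key exchange through a relaying service.

    relay_substitutes=True models a service that hands each user its own
    public key instead of the other user's."""
    alice_priv, alice_pub = keypair()
    bob_priv, bob_pub = keypair()
    relay_priv, relay_pub = keypair()

    # The public key each user is actually given for the other party.
    seen_by_alice = relay_pub if relay_substitutes else bob_pub
    seen_by_bob = relay_pub if relay_substitutes else alice_pub

    # Each user computes the fingerprint from their own key and the key they were given.
    alice_number = safety_number(alice_pub, seen_by_alice)
    bob_number = safety_number(bob_pub, seen_by_bob)

    # Can the relay derive the key Alice will encrypt with?
    relay_can_read = shared_key(relay_priv, alice_pub) == shared_key(alice_priv, seen_by_alice)
    return {"numbers_match": alice_number == bob_number, "relay_can_read": relay_can_read}

if __name__ == "__main__":
    print("honest relay:     ", exchange(False))
    print("substituting relay:", exchange(True))
```

Without the comparison step, both runs look identical to the two users, which is why an "encrypted" chat with no key verification still depends on trusting the operator.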

The help page does say that messages are stored on X infrastructure in an encrypted format, and are only decrypted once received "so that they can be read by the user." That sounds a lot like E2EE, but it's crucial to note that the old version of the encrypted DM help page said the same thing, followed by that "we-can-still-read-your-messages" warning, so take that with a grain of salt. Perhaps the details will become clearer once X releases a whitepaper and open-sources its implementation of XChat, as it promised to do "later this year."

Safety not guaranteed

Skeptics about the new XChat's privacy include Matthew Hodgson, the co-founder and CEO of encrypted messaging platform Element, used by the US military, NATO, the United Nations, and other highly secure organizations.

"XChat looks to be just another centralized platform where users have zero control over their data," Hodgson said in a statement emailed to The Register. "Elon Musk says it's 'encrypted' but offers no technical transparency, no audits, no open source, just vague references to Bitcoin-style architecture."

Hodgson referred to allegations that Musk's position at DOGE potentially gave him access to sensitive government data and the personal information of US citizens, as well as reports claiming the social media platform formerly known as Twitter had collected more data than necessary. He claims both are reasons to question whether XChat is anywhere near as safe to use as Musk claims.

"Such actions highlight a pattern of data handling that prioritizes X rather than its users," Hodgson said. Anything less than "open protocols, transparency and decentralization," said the Element chief, "is just marketing." 

We've reached out to X to get more details on the nature of XChat, but didn't immediately hear back. ®
