X now offers end-to-end encrypted chat. You may not want to trust it yet.


X, formerly Twitter, has started rolling out a new encrypted messaging feature called "Chat" or "XChat."

The company claims that the new messaging feature is end-to-end encrypted, meaning that messages exchanged through it can be read only by the sender and the recipient, and that, in theory, no one else, including X, can access them.

However, encryption experts warn against trusting XChat's current encryption. They say it is much worse than Signal, which is widely considered the state of the art for end-to-end encrypted chat.

In XChat, as soon as the user clicks "Set Up Now," X asks them to create a four-digit PIN, which is used to encrypt the user's private key. That key is then stored on X's servers. The private key is essentially a secret decryption key unique to each user, used to decrypt messages. As in many end-to-end encrypted services, it is paired with a public key, which the sender uses to encrypt messages to the recipient.

This is XChat's first red flag. Signal stores the user's private key on the user's device, not on its servers. It also matters how and where the private keys are stored on X.

Matthew Garrett, a security researcher who published a blog post about XChat in June, when X announced the new service and began slowly rolling it out, wrote that if the company does not use so-called hardware security modules, or HSMs, to store the keys, it could tamper with the keys and decrypt messages. HSMs are purpose-built servers designed to make it difficult even for the company that owns them to access the data inside.

X said in a June post that the company uses HSMs, but neither the poster nor the company has provided any evidence yet. "Until that happens, it's 'trust us, bro,'" Garrett told TechCrunch.
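To make the two points above concrete (a private key wrapped under a four-digit PIN and held by the server, and the guess limiting that an HSM is supposed to enforce), here is an added illustration written for this article; it is not X's or Signal's code. The wrapping cipher, the salt, the PIN and the ten-attempt lockout are all constructed for the example, and the private key is random bytes rather than a real key pair.

```python
import hashlib
import hmac
import secrets

# Constructed example: a server holds a user's private key wrapped under a
# four-digit PIN. Whoever holds the wrapped blob and salt faces only PIN_SPACE
# candidates, so the only thing standing between the operator and the key is
# the guess limit, which is what an HSM exists to enforce.
PIN_SPACE = 10 ** 4      # distinct four-digit PINs
MAX_ATTEMPTS = 10        # lockout threshold the guarded store enforces (assumed value)


def derive_wrap_key(pin: str, salt: bytes) -> bytes:
    """Stretch the PIN into a 32-byte wrapping key with PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 50_000)


def wrap(private_key: bytes, pin: str, salt: bytes) -> bytes:
    """Encrypt a 32-byte private key by XOR with a keystream derived from the PIN."""
    assert len(private_key) == 32
    keystream = hmac.new(derive_wrap_key(pin, salt), b"wrap", hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(private_key, keystream))


unwrap = wrap  # XOR with the same keystream is its own inverse


class GuardedKeyStore:
    """Server-side store that releases the key only for a correct PIN and refuses
    outright after MAX_ATTEMPTS wrong guesses, mimicking an HSM's rate limit."""

    def __init__(self, private_key: bytes, pin: str):
        self.salt = secrets.token_bytes(16)
        self.blob = wrap(private_key, pin, self.salt)
        # A verifier lets the store reject a wrong PIN without holding the plaintext key.
        self.verifier = hashlib.sha256(derive_wrap_key(pin, self.salt) + b"verify").digest()
        self.failed = 0

    def locked(self) -> bool:
        return self.failed >= MAX_ATTEMPTS

    def recover(self, pin: str):
        """Return the private key for a correct PIN, None for a wrong PIN or a locked store."""
        if self.locked():
            return None
        candidate = hashlib.sha256(derive_wrap_key(pin, self.salt) + b"verify").digest()
        if not hmac.compare_digest(candidate, self.verifier):
            self.failed += 1
            return None
        self.failed = 0
        return unwrap(self.blob, pin, self.salt)


def demo_lockout(pin: str = "4821"):
    """Correct PIN works, ten wrong guesses lock the store, and then even the
    correct PIN is refused. Returns (worked_before, locked, refused_after)."""
    key = secrets.token_bytes(32)
    store = GuardedKeyStore(key, pin)
    worked_before = store.recover(pin) == key
    for i in range(MAX_ATTEMPTS):
        store.recover(f"{i:04d}")          # "0000" .. "0009", all wrong for this PIN
    refused_after = store.recover(pin) is None
    return worked_before, store.locked(), refused_after


if __name__ == "__main__":
    print(demo_lockout())   # (True, True, True)
```

The caveat the example makes visible: the lockout counter lives in software here, so an operator who copies the blob, salt and verifier out of the store can guess all 10,000 PINs offline with nothing to stop them. That is exactly why Garrett's question about HSMs matters: the guess limit only protects the user if it is enforced by hardware the operator cannot bypass.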

The second red flag, which X itself admits on its XChat support page, is that the service's current implementation could allow "a malicious insider or X itself" to compromise encrypted conversations.

This is what is technically known as an "adversary-in-the-middle," or AitM, attack, and it defeats the whole point of an end-to-end encrypted platform.

Garrett said that X "gives you the public key whenever you communicate with them, so even if they did this correctly, you can't prove they didn't generate a new key" and carry out an AitM attack.
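The key-substitution problem Garrett describes, and the two defenses that detect it (pinning the first key seen for a contact, and comparing fingerprints out of band the way Signal's safety numbers do), as an added example written for this article. It is not X's or Signal's code: the directory, the client and the "public keys" (random bytes standing in for real key pairs) are all constructed, and a real key-change warning would also need the protocol to authenticate the key, which this model does not do.

```python
import hashlib
import secrets

# Constructed example: a directory server hands out contacts' public keys on
# every lookup, which is the model the article describes for XChat. The keys
# are random bytes because the point is key distribution, not key algebra.


class KeyChanged(Exception):
    """Raised when a contact's key differs from the one pinned earlier."""


def fingerprint(public_key: bytes) -> str:
    """Short human-comparable digest of a public key (a 'safety number')."""
    return hashlib.sha256(public_key).hexdigest()[:20]


class Directory:
    """Server that maps user names to public keys and can be made to substitute one."""

    def __init__(self):
        self.keys = {}
        self.substitutions = {}   # contact -> key an insider or the operator swapped in

    def register(self, user: str, public_key: bytes):
        self.keys[user] = public_key

    def lookup(self, user: str) -> bytes:
        return self.substitutions.get(user, self.keys[user])


class Client:
    """Endpoint that pins the first key seen for each contact (trust on first use)
    and refuses to proceed for a contact whose key changed unexpectedly."""

    def __init__(self, name: str, directory: Directory):
        self.name = name
        self.directory = directory
        self.public_key = secrets.token_bytes(32)   # stand-in for a real public key
        self.pinned = {}
        directory.register(name, self.public_key)

    def key_for(self, contact: str) -> bytes:
        key = self.directory.lookup(contact)
        previous = self.pinned.get(contact)
        if previous is not None and previous != key:
            raise KeyChanged(f"{self.name}: key for {contact} changed "
                             f"from {fingerprint(previous)} to {fingerprint(key)}")
        self.pinned[contact] = key
        return key

    def verified_out_of_band(self, contact: "Client") -> bool:
        """Compare fingerprints directly with the contact, bypassing the directory."""
        return fingerprint(self.key_for(contact.name)) == fingerprint(contact.public_key)


def demo():
    """Returns (first_lookup_verified, substitution_detected_by_pin,
    fresh_client_fooled_until_out_of_band_check)."""
    d = Directory()
    alice, bob = Client("alice", d), Client("bob", d)
    first_ok = alice.verified_out_of_band(bob)          # directory was honest, pin stored
    d.substitutions["bob"] = secrets.token_bytes(32)    # operator now serves another key
    try:
        alice.key_for("bob")
        detected = False
    except KeyChanged:
        detected = True                                 # pinning catches the swap
    carol = Client("carol", d)                          # no pin yet: accepts the swapped key
    fresh_ok = carol.verified_out_of_band(bob)          # only the out-of-band compare fails
    return first_ok, detected, fresh_ok


if __name__ == "__main__":
    print(demo())   # (True, True, False)
```

Carol's case is the one Garrett is pointing at: a client that has never seen the contact before has nothing to compare the served key against, so pinning alone cannot prove the directory did not mint a new key. Only a fingerprint comparison that does not go through the server catches it, and XChat, as described, offers no such check.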

Another red flag is that none of XChat's code, at this stage, is open source, unlike Signal, which is publicly documented in detail. X says it aims to "open source our implementation and describe the encryption technique in depth through a technical whitepaper later this year."

Finally, X does not offer "perfect forward secrecy," an encryption mechanism in which every new message is encrypted with a different key, so that if an attacker compromises a user's private key, they can decrypt only the latest message, not all previous ones. The company itself also acknowledges this shortcoming.
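What forward secrecy buys, as an added example written for this article rather than code from X or Signal: a one-way chain of per-message keys (a symmetric-key ratchet, the building block Signal's Double Ratchet uses) next to a static-key scheme. It generalizes the article's sentence slightly: an attacker who steals the sender's current state can read the message about to be sent and any later ones derived from that state, but none of the earlier ones, because the chain step cannot be run backwards. The shared secret and the long-term key are constructed placeholders.

```python
import hashlib
import hmac

# Constructed example: compares how much a key compromise exposes under a
# per-message key chain (forward secrecy) and under one static key (none).


def kdf(key: bytes, label: bytes) -> bytes:
    """One-way derivation step; HMAC-SHA256 keyed on the chain state."""
    return hmac.new(key, label, hashlib.sha256).digest()


class Ratchet:
    """Symmetric-key ratchet: each message key comes from the current chain key,
    and the chain key is then replaced by a one-way function of itself."""

    def __init__(self, chain_key: bytes):
        self.chain_key = chain_key

    def next_message_key(self) -> bytes:
        mk = kdf(self.chain_key, b"message")
        self.chain_key = kdf(self.chain_key, b"chain")   # old chain key is discarded
        return mk


def exposure_with_ratchet(total: int, compromised_at: int):
    """Indices of messages an attacker can read after copying the sender's
    ratchet state just before message `compromised_at` is sent."""
    sender = Ratchet(b"shared secret from key agreement (constructed)")
    keys, stolen = [], None
    for i in range(total):
        if i == compromised_at:
            stolen = Ratchet(sender.chain_key)           # attacker snapshots the state
        keys.append(sender.next_message_key())
    if stolen is None:
        return []
    # The attacker can only run the chain forward from the stolen state.
    attacker_keys = {stolen.next_message_key() for _ in range(total)}
    return [i for i, k in enumerate(keys) if k in attacker_keys]


def exposure_with_static_key(total: int, compromised_at: int):
    """Same scenario when every message is protected by one long-lived key."""
    long_term = b"long-term private key (constructed)"
    keys = [kdf(long_term, b"message") for _ in range(total)]
    stolen = long_term if compromised_at < total else None
    if stolen is None:
        return []
    attacker_key = kdf(stolen, b"message")
    return [i for i, k in enumerate(keys) if k == attacker_key]


if __name__ == "__main__":
    print(exposure_with_ratchet(6, 3))      # [3, 4, 5]
    print(exposure_with_static_key(6, 3))   # [0, 1, 2, 3, 4, 5]
```

The ratchet alone does not help if the attacker also holds the long-term private key and can replay the key agreement, which is why real protocols combine a symmetric chain like this with fresh ephemeral key exchanges. The example shows only the property the article names: that a compromise stops exposing messages sent before it.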

As a result, Garrett does not believe XChat is at a stage where users should trust it yet.

"If everyone involved is fully trustworthy, X's implementation is technically worse than Signal," Garrett told TechCrunch. "Even if they are completely trustworthy to begin with, they may stop being trustworthy in multiple ways (…) If they are untrustworthy or incompetent during the initial implementation, it is impossible to prove the existence of any security at all."

Garrett is not the only expert raising concerns. Matthew Green, a cryptography expert at Johns Hopkins University, shares them.

"Right now, until someone does a full audit, I wouldn't trust this any more than I trust the current unencrypted DMs," Green told TechCrunch. (XChat is a separate feature that, at least for now, lives alongside the old direct messages.)

X did not respond to several questions sent to its press email address.


