Twitter Just Made It Harder for the NSA to Read Your Private Tweets

Twitter

Fight disinformation: Sign up for the free Mother Jones Daily newsletter and follow the news that matters.


On Friday, Twitter announced that it has enabled a new form of Internet security, already used by Google and Facebook, that makes it considerably more difficult for the NSA to read private messages. With this new security, there isn’t one pair of master “keys” that unlock an entire website’s encryption, instead, new keys are produced and destroyed for each login session.

“If an adversary is currently recording all Twitter users’ encrypted traffic, and they later crack or steal Twitter’s private keys, they should not be able to use those keys to decrypt the recorded traffic,” Twitter wrote on its blog. To put that into simple terms, that would be like giving a new set of keys to each visitor coming to your house, melting them down after the person gets inside, and changing the locks. The method is called “Perfect Forward Secrecy,” and while it has been around for at least two decades, it hasn’t been picked up by tech giants until recently, following the allegations of vast government surveillance by former NSA contractor Edward Snowden

This security system specifically takes aim at the NSA’s alleged practice of scooping up the encrypted communications of millions of users—either through hacking or top-secret national security orders—and then storing them until the agency is able to get a company’s keys to access all of the data.? While Twitter was never implicated in the NSA’s vast online surveillance program, PRISM, there is still quite a bit of private information the US government could be interested in on Twitter for its counterterrorism efforts—direct messages, time zones, user passwords, and email addresses, for example. 

To get a peek at how this security might play out in real life, look no further than the legal battle the Department of Justice is currently waging against Lavabit, an alternative email provider that was reportedly used by Snowden. When the founder of Lavabit refused to give up its master encryption keys to the US government—because it would have had access to thousands of email accounts—the company was held in contempt of court. If Lavabit had installed Perfect Forward Secrecy, however, the company wouldn’t have been able to give up its master keys, since they would have already been destroyed. 

The Electronic Frontier Foundation, an Internet privacy group, supports Perfect Forward Secrecy, arguing that “against the known threat of “upstream” data collection, supporting perfect forward secrecy is an essential step.” However, as EFF notes, this doesn’t necessarily make a company completely NSA-proof, since it doesn’t protect data that’s stored on a server (and NSA still managed to hack into Google, by breaking into its front end server, according to documents in the Washington Post).

The New York Times says that this new security will slow traffic down by about 150 milliseconds in the United States, and Tweeters are unlikely to notice. But it will “make the National Security Agency’s job much, much harder,” the paper said. 

WE'LL BE BLUNT

It is astonishingly hard keeping a newsroom afloat these days, and we need to raise $253,000 in online donations quickly, by October 7.

The short of it: Last year, we had to cut $1 million from our budget so we could have any chance of breaking even by the time our fiscal year ended in June. And despite a huge rally from so many of you leading up to the deadline, we still came up a bit short on the whole. We can’t let that happen again. We have no wiggle room to begin with, and now we have a hole to dig out of.

Readers also told us to just give it to you straight when we need to ask for your support, and seeing how matter-of-factly explaining our inner workings, our challenges and finances, can bring more of you in has been a real silver lining. So our online membership lead, Brian, lays it all out for you in his personal, insider account (that literally puts his skin in the game!) of how urgent things are right now.

The upshot: Being able to rally $253,000 in donations over these next few weeks is vitally important simply because it is the number that keeps us right on track, helping make sure we don't end up with a bigger gap than can be filled again, helping us avoid any significant (and knowable) cash-flow crunches for now. We used to be more nonchalant about coming up short this time of year, thinking we can make it by the time June rolls around. Not anymore.

Because the in-depth journalism on underreported beats and unique perspectives on the daily news you turn to Mother Jones for is only possible because readers fund us. Corporations and powerful people with deep pockets will never sustain the type of journalism we exist to do. The only investors who won’t let independent, investigative journalism down are the people who actually care about its future—you.

And we need readers to show up for us big time—again.

Getting just 10 percent of the people who care enough about our work to be reading this blurb to part with a few bucks would be utterly transformative for us, and that's very much what we need to keep charging hard in this financially uncertain, high-stakes year.

If you can right now, please support the journalism you get from Mother Jones with a donation at whatever amount works for you. And please do it now, before you move on to whatever you're about to do next and think maybe you'll get to it later, because every gift matters and we really need to see a strong response if we're going to raise the $253,000 we need in less than three weeks.

payment methods

WE'LL BE BLUNT

It is astonishingly hard keeping a newsroom afloat these days, and we need to raise $253,000 in online donations quickly, by October 7.

The short of it: Last year, we had to cut $1 million from our budget so we could have any chance of breaking even by the time our fiscal year ended in June. And despite a huge rally from so many of you leading up to the deadline, we still came up a bit short on the whole. We can’t let that happen again. We have no wiggle room to begin with, and now we have a hole to dig out of.

Readers also told us to just give it to you straight when we need to ask for your support, and seeing how matter-of-factly explaining our inner workings, our challenges and finances, can bring more of you in has been a real silver lining. So our online membership lead, Brian, lays it all out for you in his personal, insider account (that literally puts his skin in the game!) of how urgent things are right now.

The upshot: Being able to rally $253,000 in donations over these next few weeks is vitally important simply because it is the number that keeps us right on track, helping make sure we don't end up with a bigger gap than can be filled again, helping us avoid any significant (and knowable) cash-flow crunches for now. We used to be more nonchalant about coming up short this time of year, thinking we can make it by the time June rolls around. Not anymore.

Because the in-depth journalism on underreported beats and unique perspectives on the daily news you turn to Mother Jones for is only possible because readers fund us. Corporations and powerful people with deep pockets will never sustain the type of journalism we exist to do. The only investors who won’t let independent, investigative journalism down are the people who actually care about its future—you.

And we need readers to show up for us big time—again.

Getting just 10 percent of the people who care enough about our work to be reading this blurb to part with a few bucks would be utterly transformative for us, and that's very much what we need to keep charging hard in this financially uncertain, high-stakes year.

If you can right now, please support the journalism you get from Mother Jones with a donation at whatever amount works for you. And please do it now, before you move on to whatever you're about to do next and think maybe you'll get to it later, because every gift matters and we really need to see a strong response if we're going to raise the $253,000 we need in less than three weeks.

payment methods

We Recommend

Latest

Sign up for our free newsletter

Subscribe to the Mother Jones Daily to have our top stories delivered directly to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate