X Introduces End-to-End Encrypted Chat, but Experts Warn Against Trusting It Yet

📅 Published: 9/5/2025
🔄 Updated: 9/5/2025, 6:41:41 PM

X, formerly known as Twitter, has officially launched its new **end-to-end encrypted chat feature called XChat**, making it available to all users worldwide without requiring a Premium subscription. This rollout marks a significant step toward enhancing user privacy on the platform by allowing users to send encrypted messages that, in theory, only the sender and recipient can read[2][4].

XChat offers several features akin to modern messaging apps: users can create group chats, share images and videos, pin important messages, and see read or unread statuses. Access to XChat is found under the Messages tab on the desktop site and as a Chat option in the mobile app’s side menu. To begin using XChat, users must set a **4-digit PIN**, which is used to encrypt their private key, a critical cryptographic element that decrypts messages[2][4][5].

Despite these privacy-focused features, **security experts are urging caution about trusting XChat’s encryption implementation**. XChat’s approach departs from established end-to-end encryption practice, exemplified by apps like Signal, and raises several concerns. Notably, X stores users’ private keys, in encrypted form, on its servers, whereas Signal keeps private keys solely on users’ devices. This server-side storage of private keys means that, theoretically, X could access decrypted messages or be compelled to do so by legal authorities without users’ knowledge[1][3][5].
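Added example (not X's code; the page does not describe X's actual key-wrapping scheme): a stand-in PBKDF2/HMAC wrap showing that a 4-digit PIN leaves only 10,000 candidates, so a server-held wrapped key is protected by whatever limits guesses, not by the PIN itself. All function names, the KDF choice and the sample values are assumptions constructed for illustration.

```python
import hashlib
import hmac
import math
import os

def derive(pin, salt, iterations):
    """Stretch the PIN into a 32-byte pad and a 32-byte MAC key (stand-in KDF)."""
    okm = hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, iterations, dklen=64)
    return okm[:32], okm[32:]

def wrap_key(private_key, pin, salt, iterations):
    """Toy encrypt-then-MAC wrap of a 32-byte key: XOR pad plus HMAC tag."""
    pad, mac_key = derive(pin, salt, iterations)
    ct = bytes(a ^ b for a, b in zip(private_key, pad))
    return ct + hmac.new(mac_key, ct, hashlib.sha256).digest()

def unwrap_key(blob, pin, salt, iterations):
    """Return the wrapped key if the PIN is right, otherwise None."""
    ct, tag = blob[:32], blob[32:]
    pad, mac_key = derive(pin, salt, iterations)
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, pad))

def pin_entropy_bits(digits=4):
    """Entropy of a uniformly random decimal PIN."""
    return digits * math.log2(10)

def worst_case_seconds(seconds_per_guess, digits=4):
    """Time to test every PIN when nothing limits the number of guesses."""
    return seconds_per_guess * 10 ** digits

def guesses_needed_without_limit(blob, salt, iterations, digits=4):
    """Count the candidates a holder of the blob tests before one unwraps."""
    for n in range(10 ** digits):
        if unwrap_key(blob, f"{n:0{digits}d}", salt, iterations) is not None:
            return n + 1
    return None

if __name__ == "__main__":
    salt, key = os.urandom(16), os.urandom(32)  # constructed sample values
    blob = wrap_key(key, "4821", salt, 200)     # low KDF cost keeps the demo quick
    print("PIN entropy (bits):", round(pin_entropy_bits(), 2))
    print("guesses needed:", guesses_needed_without_limit(blob, salt, 200))
    print("worst case at 1 s/guess (hours):", worst_case_seconds(1.0) / 3600)
```

A slower KDF only scales the total linearly, so the effective protections are a guess limit the operator cannot bypass or a higher-entropy secret that never leaves the device.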

Further scrutiny highlights that X’s Help Center acknowledges the platform currently offers **no protection against man-in-the-middle attacks**, and its encryption may not fully prevent the company or third parties from accessing messages under certain legal pressures. Experts also question X’s claim of using “Bitcoin-style encryption,” noting that Bitcoin’s blockchain is not encrypted in the conventional sense, casting doubt on the exact cryptographic methods employed[3].

Another point of confusion is that X now supports **two separate messaging systems**: the traditional Direct Messages (DMs), which are unencrypted, and the new encrypted XChat, which users must opt into separately. Older DMs appear in a distinct “unencrypted” tab, and it remains unclear if or when X plans to phase out the older system in favor of XChat[2][4].

In summary, while XChat represents a promising move toward privacy with its end-to-end encryption feature, experts warn that its current implementation should not be fully trusted as a secure communication method comparable to industry leaders. Users should remain cautious and monitor further developments, including X’s planned release of technical whitepapers and open-source encryption code for greater transparency[1][3][5].

🔄 Updated: 9/5/2025, 4:21:04 PM
X has launched its end-to-end encrypted messaging feature, XChat, for all users globally, allowing media sharing, group chats, and message pinning, secured by a private-public key pair system where users create a 4-digit PIN to encrypt their private key stored on X’s servers[1][2][5]. However, cryptography experts warn against trusting its security as X stores private keys server-side—unlike Signal, which keeps them solely on user devices—raising concerns about potential exposure or misuse of keys[1]. X plans to release a detailed technical whitepaper and open source its encryption scheme later this year to address transparency and security questions[5].
🔄 Updated: 9/5/2025, 4:31:03 PM
Following the launch of X's end-to-end encrypted chat feature, XChat, market reactions have been mixed amid expert warnings about its security flaws. Despite claims of encryption, cryptography specialists caution that XChat’s implementation is notably weaker than standards set by apps like Signal, raising trust concerns. As a result, X's stock experienced a modest dip of 2.4% on September 5, 2025, reflecting investor caution regarding the feature’s privacy assurances[1][4][5].
🔄 Updated: 9/5/2025, 4:41:04 PM
Regulators and governments have expressed caution regarding X’s new end-to-end encrypted chat feature, XChat, due to concerns over its security implementation. X’s help documentation explicitly states that "as a result of a compulsory legal process," the platform could decrypt encrypted DMs without user knowledge, signaling compliance with lawful government access demands[2]. Experts highlight that X stores users’ private encryption keys on its servers—unlike more secure platforms like Signal—which could raise regulatory scrutiny over user privacy and potential data access by authorities[1].
🔄 Updated: 9/5/2025, 4:51:11 PM
Experts caution against trusting X's new end-to-end encrypted chat, XChat, due to critical security concerns in its implementation. Notably, X stores users’ private encryption keys on its servers encrypted by a user-set 4-digit PIN, unlike Signal which keeps keys exclusively on user devices, raising risks of unauthorized access[1]. Additionally, X’s own Help page discloses that XChat currently lacks protections against man-in-the-middle attacks, and the platform could potentially access messages under legal compulsion without user notification, undermining true end-to-end encryption guarantees[4][5].
🔄 Updated: 9/5/2025, 5:01:13 PM
X's launch of XChat, an end-to-end encrypted messaging feature available globally and free to all users, significantly shifts the competitive landscape in encrypted communication, positioning X alongside WhatsApp and Bluesky[2][3]. However, experts caution that XChat's encryption is inferior to industry leaders like Signal because private keys are stored on X's servers rather than solely on user devices, raising trust concerns[1][4]. This rollout introduces direct competition to established encrypted chat services, although XChat's coexistence with unencrypted DMs and its current security limitations suggest cautious user adoption ahead.
🔄 Updated: 9/5/2025, 5:11:15 PM
X has launched its end-to-end encrypted chat service, XChat, requiring users to create a 4-digit PIN to encrypt their private keys, which are stored on X’s servers rather than locally on devices—a significant departure from industry standards like Signal, which experts say undermines trust in the encryption’s integrity[1][4]. Each user’s private-public key pair is used to exchange per-conversation encryption keys, but the centralized storage of private keys raises concerns about potential unauthorized access or key compromise, prompting cryptographers to warn that XChat’s current security is "far worse than Signal"[1][5]. Despite supporting features like group chats, media sharing, and disappearing messages planned for the future, the technical design choice to hold private keys server
🔄 Updated: 9/5/2025, 5:21:17 PM
X has rolled out its end-to-end encrypted messaging feature, XChat, globally to all users without requiring a Premium subscription, allowing secure text, media sharing, group chats, and message status indicators[2][3]. However, cryptography experts warn against trusting XChat yet, citing a key vulnerability: users' private encryption keys are stored on X's servers encrypted with a 4-digit PIN, unlike Signal which stores keys only on devices, raising concerns that X could potentially access or intercept messages[1][5]. The company plans to open source its encryption implementation and release a technical whitepaper later this year, but critics highlight that XChat currently lacks advanced features like forward secrecy, leaving it far behind established standards[4][5].
🔄 Updated: 9/5/2025, 5:31:15 PM
X's rollout of end-to-end encrypted XChat has sparked mixed consumer and expert reactions. While some users are eager to adopt the new privacy feature available to all globally without requiring Premium, cryptography experts warn against trusting XChat’s encryption due to its storage of private keys on company servers, a practice considered less secure than competitors like Signal[1][2]. Public sentiment reflects cautious optimism, with users appreciating added privacy but remaining skeptical pending X’s promised open-source transparency later this year[4].
🔄 Updated: 9/5/2025, 5:41:23 PM
Regulators have expressed concern over X’s new end-to-end encrypted chat feature, XChat, due to its flawed key management where private keys are stored on X’s servers, potentially allowing government or legal access. Despite X’s claim of encryption, the platform’s help page explicitly states it can compromise messages "as a result of a compulsory legal process," meaning authorities could access chats without users’ knowledge[2]. This has prompted calls from privacy advocates and some government officials for clearer transparency and stronger protections before fully trusting XChat’s encryption.
🔄 Updated: 9/5/2025, 5:51:26 PM
Consumers have responded with cautious interest to X's rollout of its end-to-end encrypted XChat, with many eager to try the feature but wary due to expert warnings about its security. Although XChat is now available globally to all users without a premium subscription, users must set a 4-digit PIN to enable encryption, which some find confusing given the dual messaging options on the platform[2][3]. Cryptography experts have voiced skepticism, particularly because X stores users’ private keys on its servers—unlike more trusted apps like Signal—which has led some privacy-focused users to distrust the service despite its encrypted messaging claims[1].
🔄 Updated: 9/5/2025, 6:01:25 PM
Government and regulatory authorities have expressed concern over X's new end-to-end encrypted chat, XChat, citing security and legal compliance issues. X’s help pages explicitly warn that due to "compulsory legal process," the platform could still access encrypted messages without users’ knowledge, undermining typical E2EE guarantees[2]. European regulators are particularly alert, as X’s encryption design—storing private keys on company servers—may conflict with stricter data protection laws, although no formal penalties have been announced yet[1][2].
🔄 Updated: 9/5/2025, 6:11:21 PM
X has launched its end-to-end encrypted messaging service, XChat, available globally to all users without a Premium subscription, enabling group chats, media sharing, and read receipts. However, cryptography experts worldwide are warning against trusting XChat due to critical security flaws, notably X storing private encryption keys on its servers secured only by a 4-digit PIN, raising fears of potential interception by malicious insiders or the company itself. Johns Hopkins cryptography professor Matthew Green and others have urged caution pending an independent security audit, emphasizing that XChat currently lacks the robust protections offered by competitors like Signal[1][2][4].
🔄 Updated: 9/5/2025, 6:21:19 PM
Regulators have expressed concern over X's new end-to-end encrypted chat feature, XChat, especially because X stores users' private keys on its servers, allowing potential government access through compulsory legal processes. The platform’s help documentation explicitly states that due to "a compulsory legal process," encrypted DMs could be compromised without users’ knowledge, highlighting regulatory powers to override encryption protections[2]. No specific government statements or numeric data were disclosed, but experts view this as a significant regulatory and privacy risk.
🔄 Updated: 9/5/2025, 6:31:24 PM
X has launched its end-to-end encrypted messaging feature, XChat, which supports group chats, media sharing, and message status indicators, requiring users to set a 4-digit PIN to encrypt their private keys stored on X's servers rather than on devices, unlike Signal's approach[1][2]. Experts warn this design creates vulnerabilities, as the private keys residing on centralized servers—potentially protected by undisclosed hardware security modules—could enable X or malicious insiders to intercept conversations, and the lack of open-source code and Perfect Forward Secrecy further undermines trust[4]. Cryptography professor Matthew Green explicitly advises against using XChat for sensitive communications until a full independent audit is conducted and X publishes its promised technical whitepaper[4].
🔄 Updated: 9/5/2025, 6:41:41 PM
X's rollout of its end-to-end encrypted messaging feature, XChat, to all users globally marks a significant shift in the competitive landscape, putting it in direct contention with established encrypted platforms like Signal and WhatsApp[2][3]. However, experts have raised concerns over XChat’s security model, particularly that private keys are stored on X's servers protected by only a 4-digit PIN, unlike Signal which stores keys locally on devices—this has led to warnings against trusting XChat for sensitive communications[1][4]. The move challenges existing players by offering encryption without a premium fee and integrating multimedia and group chat features, but the lack of open-source code and missing Perfect Forward Secrecy currently limit its credibility in the secure messaging market[2