Is Twitter planning to bring encryption to your DMs?

8 May 2018

Could your Twitter DMs become more secure in future? Image: Robert Dunn/Shutterstock

Twitter is rumoured to be testing encryption for DMs.

All 336m Twitter users were urged to change their passwords last week, as the company announced it had found a bug that stored plaintext user passwords in an internal log. Although it says no evidence of tampering or a breach was found, the best thing to do would be to change your login credentials ASAP.

GDPR is just around the corner, but many digital publishers have issues with Google’s proposals around the regulation. The company was criticised by several digital publishing groups, representing titles such as Bloomberg and The New York Times, among others. The group said Google was placing unfair responsibility on the shoulders of publishers.

Meanwhile, Windows 10’s fresh update saw the roll-out of a variety of new features, including enterprise tools for compliance and admin tasks, as well as tab muting and PWA supports.

Another week brings another rake of enterprise news ­– catch up here.

Will Twitter slide encryption into your DMs?

End-to-end encryption has become a much more popular feature in recent years, and not just for activists, journalists and privacy experts either. With the general public becoming more privacy-conscious, it makes sense that Twitter may be working on bringing encryption to direct messages (DMs).

According to TechCrunch, there is a ‘secret conversation’ option buried in the APK for Twitter on Android. APKs generally contain code for features that are being tested on the down-low by companies. Jane Manchun Wong discovered that the feature had been built, but there is no detail yet on the possible implementation of the tool.

Cambridge Analytica must turn over data to UK watchdog

It may feel like a thousand years since the Cambridge Analytica story broke, but fresh stories are consistently emerging. According to the BBC, the firm – which has begun bankruptcy proceedings alongside parent group SCL Elections ­– will have to hand over data it is holding on US citizen Prof David Carroll.

He sent a data request to Cambridge Analytica in March 2017, and launched legal action when he thought the information they supplied to him was not complete.

The UK information commissioner, Elizabeth Denham, said: “The company has consistently refused to cooperate with our investigation into this case and has refused to answer our specific enquiries in relation to the complainant’s personal data.” Heavy fines could be in store if the data is not turned over.

Romanian hackers extradited to US for vishing and smishing attacks

Teodor Laurentiu Costea and Robert Codrut Dumitrescu have been extradited from Romania to the US and have been charged with wire fraud conspiracy, wire fraud, computer fraud and abuse, and aggravated identity theft, according to DarkReading.

A federal grand jury returned a 31-count indictment against the pair. It is said that both Costea and Dumitrescu would zero in on vulnerable computers in the US and use vishing (phishing through a voice recording) and smishing (text message phishing) to steal from targets. By pretending to be a financial institution, the pair apparently obtained a whopping $18m through various campaigns.

Equifax releases details of infamous breach

Credit reporting agency Equifax supplied more information to the US Securities and Exchange Commission yesterday (7 May). With the help of cybersecurity firm Mandiant, Equifax found that 38,000 driver’s licences, 12,000 social security or taxpayer ID cards, 1.8m email addresses, and 3,200 passports or passport cards were implicated in the breach, among other types of information. 209,000 payment card numbers were also mixed up in the breach.

Are you guilty of this password sin?

If you use the same password for your Facebook, Twitter and email accounts, you’re not alone. DarkReading reported on a survey of 2,000 people around the world, carried out by LogMeIn, showing that even though 91pc of respondents know the risks of using the same credentials, 59pc do so anyway.

Most of the respondents said forgetfulness was the main reason, while half of the respondents who use the same passwords do so to feel more in control of their accounts. More than half of the respondents said they hadn’t changed any of their passwords in the last year, despite being aware of the risks. People say the amount of accounts makes it difficult for them to keep track, while 11pc would rather sit in traffic than change their credentials.

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects

editorial@siliconrepublic.com