Elon Musk wants hackers to take their best shot. “And we welcome any attempts to break 𝕏 encryption,” he posted yesterday, wading into a debate that had been brewing on the platform for two days.

It started when Musk claimed sending files through X Chat was “much more secure than email.”

elon-musk-x-chat-more-secure-email-post

Security researcher Sooraj Sathyanarayanan, who goes by @iAnonymous3000, pushed back hard. In a thread that garnered over 1.3 million views, he explained why he believes X Chat falls short of being a truly secure messaging platform.

His main gripe? Private keys get backed up to X’s servers instead of staying put on your device. That means X technically could access your messages if they wanted to, or if someone forced them to. He also flagged that X’s own documentation admits a single compromised key would expose your entire message history. Signal, by contrast, generates new keys constantly, so a breach only exposes one message at a time.

X’s Chat account pushed back. They explained that private keys get stored in Hardware Security Modules set up during a published key ceremony. Users need to enter the right PIN to recover keys, and after 20 wrong guesses, the keys destroy themselves. Nobody at X can brute force their way in, they claimed.

x-chat-security-statement

Then user @tetsuoai jumped in, sharing a diagram of X’s encryption architecture and calling it “bullet-proof.” Sathyanarayanan saw it differently. He pointed out that the diagram actually backed up his argument since it clearly showed private keys leaving the device and heading to X’s servers. “The encryption is fine. The architecture stores keys on X servers. That’s the point,” he wrote.

x-chat-security-breakdown

Unsurprisingly, Musk didn’t hold back on the competition. He called Signal “controlled by the woke mob” and reminded everyone that it went dark during an Amazon Web Services outage. “Do not trust Signal,” he wrote.

Sathyanarayanan acknowledged the AWS point was fair but said X Chat still needs three things before it can compete on security: device-only key storage with no server backups, forward secrecy through something like Signal’s Double Ratchet protocol, and the open source release X apparently promised back in June 2025 but never delivered.

X says self-custody and forward secrecy are coming. Musk’s open challenge to break the encryption might speed up the timeline, or prove him right. Either way, security researchers are probably already getting to work after seeing that post.

We stand out from the tech-media crowd because we break news stories; we mainly bring you stuff that you won’t find anywhere in the mainstream tech media. Our stories have been picked up by some of the world’s most popular websites and media outlets—more info is available here.

Dwayne Cubbins
2772 Posts

I cover fast-moving stories across apps, online platforms, and everyday tech — phones, wearables, consoles, and whatever else people are fighting with this week. Bugs, rollouts, scams, policy enforcement, and the occasional internet-culture rabbit hole are all fair game. My goal is simple — make confusing tech news readable. When I'm not working, I'm working out or chilling with my dog. Got a tip? You can find me on X @dcubbins.

Next article View Article

Instagram app crashing within seconds of opening on Android for many [U: Widespread again]

Update 12/02/26 - 02:17 pm (IST): Looks like Instagram's Android crashing problem is back with a vengeance. Reports started flooding in earlier today from users who can...
Feb 12, 2026 2 Min Read