According to GSM Arena, X has launched a full-blown chat application called Chat that builds on the encrypted direct messages feature the company introduced in mid-2023. The new standalone app promises end-to-end encryption for chats and file sharing, disappearing messages, screenshot blocking, and the ability to edit and delete sent messages. X is marketing Chat as having “No ads. No tracking. Total privacy” while offering voice and video calls with voice memos coming soon. However, the company’s own help page reveals a significant security gap: the encryption doesn’t protect against man-in-the-middle attacks, meaning neither sender nor receiver would know if X itself, a malicious insider, or someone responding to legal process compromised their conversations. The Chat app is currently available for iOS and web browsers with an Android version coming soon.
The big security problem
Here’s the thing about that man-in-the-middle attack vulnerability – it’s kind of a massive deal for something being sold as private. X basically admits in their encrypted messages help page that if they get a court order or if someone inside the company decides to snoop, you’d never know your “private” conversation was being read. They say they’re working on fixing this and that eventually “both senders and recipients should be alerted in the event of an attack.” But right now? Not so much.
Entering a crowded field
So X is jumping into the messaging app wars with both feet. They’re up against Signal, WhatsApp, Telegram – you know, the established players who’ve been doing this privacy thing for years. The screenshot blocking and disappearing messages are nice features, sure. But launching without proper man-in-the-middle protection feels like showing up to a security conference with a “kick me” sign on your back. And let’s be real – does anyone really trust Elon Musk’s companies with their most private conversations after all the Twitter/X drama?
Where this could go
X claims in their announcement post that they’re building a new mechanism to make these attacks “difficult, if not impossible.” That’s promising, but we’ve heard similar promises before from tech companies. The real question is whether people will adopt yet another messaging app, especially one with known security gaps. If they can actually deliver on the privacy promise without the backdoors, this could become a serious competitor. But that’s a big “if” given the current state of things.
