Twitter has enabled Perfect Forward Secrecy across its mobile site, website and API feeds in order to protect against future cracking of the service’s encryption. The PFS method ensures that, if the encryption key Twitter uses is cracked in the future, all of the past data transported through the network does not become an open book right away.
“If an adversary is currently recording all Twitter users’ encrypted traffic, and they later crack or steal Twitter’s private keys, they should not be able to use those keys to decrypt the recorded traffic,” says Twitter’s Jacob Hoffman-Andrews. “As the Electronic Frontier Foundation points out, this type of protection is increasingly important on today’s Internet.”
Twitter’s been on a roll lately.