You keep your messages encrypted and your desktop private. That's the deal — Signal for chat, a locked screen for everything else. Two walls, two doors, both closed.

But what if one company asked you to hand over the keys to both doors at the same time?

Yesterday, we covered how xAI shipped two contradictory products in the same week — Grok Computer (an AI that watches your screen) and XChat (a messenger that promises nobody watches anything). Same company. Same week. Very normal behavior.

Since then, the picture got worse. Considerably worse.

The Backdoor You're Supposed to Ignore

XChat's privacy pitch sounds airtight: end-to-end encryption (only sender and receiver can read messages), disappearing messages, screenshot blocking. Solid, right? Then ByteIota reported on April 18 what happens when you actually use the app. XChat has a feature called "Ask Grok" — you long-press any message, tap the button, and your encrypted message flies to Grok's servers in plaintext. No encryption. No warning label. Just raw text, delivered straight to the same company that's also watching your desktop through Grok Computer.

That's like installing a bank vault door and cutting a cat flap right through the middle of it. Sure, the door is technically still there.

The Keys Are Inside the House

X stores your encryption keys using the Juicebox protocol, splitting them into three parts. All three parts live on X's own servers. On April 18, cryptography professor Matthew Green called this "a pretty game-over type of vulnerability." No forward secrecy — meaning even if you stop using XChat tomorrow, a future key compromise unlocks every message you ever sent. Not some messages. All of them.

And the App Store privacy label? According to a KuCoin analysis published April 18, XChat collects four categories of personal data: location, contact data, search history, and user content. For an app marketing itself as "No Ads, No Trackers" to X's 550 million users. You'd almost admire the audacity if it weren't your data on the line.

Musk promised ahead of the April 18 launch to open-source the code and run independent security audits. As of April 19, 2026: no GitHub repo. No audit report. No third-party review. Just the promise, hanging in the air like a TODO comment from 2019 that nobody assigned.

"Reckless" Isn't Editorial — It's a Quote

Meanwhile, Grok Computer — the desktop agent that captures real-time video of your screen, opens apps, fills forms, clicks buttons — xAI launched it with exactly zero published safety documentation. No model card, which is a standard report detailing what an AI can do, what risks the team tested, and what guardrails exist. For context: Anthropic published a detailed model card for their Computer Use feature. OpenAI published one for Operator. xAI published... a tweet.

On April 17, Anthropic researcher Samuel Marks called the launch "reckless" and a departure from "industry best practices." When a researcher at a competing AI lab publicly worries about your users on the record, that's not rivalry — that's a distress signal.

You already know the backstory: every original xAI co-founder departed, Apple threatened to yank Grok from the App Store over deepfake content, and Musk himself admitted xAI "was not built right the first time around." Same pattern, new evidence.

The Trust Equation

So here's what you're actually choosing between. Grok Computer: full desktop access, zero published safety evaluations, a company that couldn't keep its own founding team together. XChat: "encryption" that sends plaintext to Grok the moment you tap a button, stores your keys on X's own infrastructure, and contradicts its own App Store labels across all four data categories it claims not to collect.

Two products. Same company. Same trust deficit.

In AI's trust economy, xAI keeps writing checks on two opposite accounts. One says "I'll see everything." The other says "Nobody will see anything." Neither has a balance — and the bank just lost all its tellers.