Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Kim Dotcom's Mega Fileshare Service Riddled With Security Holes

timothy posted about 2 years ago | from the all-a-mpaa-front-anyhow dept.

Piracy 151

twoheadedboy writes "Kim Dotcom launched his new project Mega on Sunday, claiming it was to be 'the privacy company.' But it might not be so private after all, as security professionals have ripped it to shreds. There are numerous problems with how encryption is handled, an XSS flaw and users can't change their passwords, they say. But there are suspicions Mega is handing out encryption keys to users and touting strong security to cover its own back. After all, if Kim Dotcom and Co don't know what goes on the site, they might not be liable for copyright prosecutions, as they were for Megaupload, Mega's preprocessor." On this front, reader mask.of.sanity points out a tool in development called MegaCracker that could reveal passwords as users sign up for the site.

Sorry! There are no comments related to the filter you selected.

Alert (5, Funny)

Anonymous Coward | about 2 years ago | (#42656093)

Clearly he is helping the FBI set up a honeypot in exchange for his freedom.

Honeypot Alert (1)

rmdingler (1955220) | about 2 years ago | (#42656139)

"You can't stay in your corner of the forest waiting for others to come to you. You have to go to them sometimes." ...A.A. Milne

Re:Alert (1)

Jeremiah Cornelius (137) | about 2 years ago | (#42656859)

You can get an account, without verifying the password you type.

Just one entry box, when I did it. Typo? Good luck! I guess it's time to get another burner email from Yahoo. :-)

False alarm (4, Insightful)

davidwr (791652) | about 2 years ago | (#42657667)

It's frequently wrong to assume malice when getting sloppy in a rush to deliver explains everything.

Meh (0)

GameboyRMH (1153867) | about 2 years ago | (#42656121)

While the concepts behind Mega were a huge improvement over similar sites, I still don't see the relevance of what is basically a tarted-up Napster-style file sharing site in the age of torrents (running over darknets, too).

Re:Meh (0)

Anonymous Coward | about 2 years ago | (#42656177)

Torrents running...over darknets? Stay in school.

Re:Meh (4, Informative)

GameboyRMH (1153867) | about 2 years ago | (#42656375)

Re:Meh (0, Flamebait)

Anonymous Coward | about 2 years ago | (#42656573)

Thanks a lot for the slashdotting, asshole.

Re:Meh (1)

GameboyRMH (1153867) | about 2 years ago | (#42656629)

I can't believe the person running i2p's homepage would be upset that I brought a lot of attention from people who are interested in the technology and have the means to expand the network.

Re:Meh (1)

Anonymous Coward | about 2 years ago | (#42656317)

The so called leader of the free hosting market for the masses, dropbox, offers only 2GB of storage and has a notorious problem with security issues. As a comparisson, Kim Dotcom's Mega service offers 50GB, and at least tries to add security from the start instead of relying on smoke-screen press releases, as happened with Dropbox.

So, it's very relevant if you wish to safely store your files in a third-party server.

Re:Meh (2)

V for Vendetta (1204898) | about 2 years ago | (#42657575)

Size aside - it's not like there aren't (client-side) encrypted services out there already: Spider Oak [wikipedia.org] or Wuala [wikipedia.org] , for example.

No one really gets it (4, Insightful)

JWW (79176) | about 2 years ago | (#42657605)

The security does not have to be good. The purpose of Mega is to disable the RIAA and MPAA's abilities to see what is shared.

It doesn't matter how bad the encryption is. If the MPAA or RIAA break the encryption on Mega's files they are violating the DMCA plain and simple.

Mega is using the RIAA and MPAA's weapons against them.

Re:No one really gets it (1)

GodfatherofSoul (174979) | about 2 years ago | (#42658777)

What if they just get someone to share content with them and find out it's a DVD of the latest Hollywood flick?

Re:No one really gets it (0)

Anonymous Coward | about 2 years ago | (#42659491)

If they actively upload the file (e.g. via an agent), aren't they saying OK to distribution in this way?

Re:No one really gets it (1)

Nyder (754090) | about 2 years ago | (#42659365)

The security does not have to be good. The purpose of Mega is to disable the RIAA and MPAA's abilities to see what is shared.

It doesn't matter how bad the encryption is. If the MPAA or RIAA break the encryption on Mega's files they are violating the DMCA plain and simple.

Mega is using the RIAA and MPAA's weapons against them.

Except they will be, or are probably lobbying an extension that will allow them to break DMCA in search of copyright infringers.

Bullshit (1)

Anonymous Coward | about 2 years ago | (#42656141)

It is far more likely a dis-information campaign to further discredit him.

The government claims on Mega-Upload turned out to be a bunch of lies, and I see no reason to think this is any different.

Re:Bullshit (2, Interesting)

Anonymous Coward | about 2 years ago | (#42656351)

This is waht it looks like. The same thing has never been said about rapidshare, uploaded, bitshare, dropbox or sugarsync, and Mega hasn't realy been out yet, has already about a million registered users, and it already is the target of a disinformation campaign that no other service has been subjected to date.

It does smell fishy and it looks like Kim DotCom does scare some people.

Re:Bullshit (0)

Anonymous Coward | about 2 years ago | (#42656851)

That and most ISPs are blocking uploads.

Re:Bullshit (1)

geminidomino (614729) | about 2 years ago | (#42657105)

I don't know about that. I mean, it's not inconceivable, not even close, but when you look at the aforementioned "masked password" problem (leaving out confirmation of a password you can't see begs for applied cluebat therapy) and the fact that even a "clean" (no add-ons or extensions) Firefox 18.0.1 won't even load the page for me, because of that stupid "The Operation is Insecure" LocalStorage error...

It's definitely possible that it's not entirely a hatchet job.

Security hole 1, Kim Dotcom (1)

Anonymous Coward | about 2 years ago | (#42656209)

Are you kidding me? Read the indictment, the biggest threat to your files is Kim Dotcom!

http://i.usatoday.net/tech/pdfs/12-0120-megaupload-indictment.pdf

You are worried that some creep will break in, take your private files and 'share' them with everyone, and yet you've given them to Kim Dotcom's server?

Re:Security hole 1, Kim Dotcom (0)

Anonymous Coward | about 2 years ago | (#42656283)

If you don't trust his crypto you can superencipher your data before uploading and the whole thing will still be better and more secure than most similar sites (such as Dropbox, which has had numerous security incidents in the past already), so what's your problem?

Re:Security hole 1, Kim Dotcom (5, Informative)

sunderland56 (621843) | about 2 years ago | (#42656515)

You can encypher your data before uploading on *any* site. At that point they are all equally secure. Kim's claim was that Mega was more secure by design.

However, the claim is completely broken. Mega is using a public/private key pair - generated by the web site - and so their servers actually *do* know both your keys, and *can* decrypt your data. So, basically, it is no more secure than dropbox.

Re:Security hole 1, Kim Dotcom (1)

GameboyRMH (1153867) | about 2 years ago | (#42656659)

Huh that's significant. In the early planning stages I remember his plan was that only the user would know the encryption key, and apart from the security aspects of that, it would shield Mega from liability since they would then be incapable of even knowing what was uploaded. Both of those are untrue then.

Re:Security hole 1, Kim Dotcom (3, Informative)

nschubach (922175) | about 2 years ago | (#42656987)

It says on their developer page [mega.co.nz] :

This master key is stored on MEGA's servers, encrypted with a hash derived from the user's login password. ... In addition to the symmetric key, each user account has a 2048 bit RSA key pair to securely receive data. Its private component is stored encrypted with the user's symmetric master key.

According to that, the keys are stored on the server, but it's encrypted with a hash of your password... I understand that all they would have to do is store the generated key somewhere and have full access to all your files if they wanted. I'm not debating that.

The part I'm trying to figure out is:

The cryptographic integrity of MEGA's user data is important to us. We can therefore not allow you to distribute or make available your client application without going through us. We will perform a code audit of your product and promote/distribute it on our site.

So they want full access to the source of your client "to ensure the integrity of MEGA's user data" but for some reason I keep reading that as though they know the properly coded application could damage their site.

Re:Security hole 1, Kim Dotcom (1)

mark-t (151149) | about 2 years ago | (#42657227)

Theoretically can, perhaps.... but I was under the impression that Mega doesn't actually store both.

Re:Security hole 1, Kim Dotcom (4, Insightful)

sunderland56 (621843) | about 2 years ago | (#42657337)

But that's the point. If they can in theory, then the site is not secure.

If they can in theory, then they can be forced to do so by a court order. Capture your password the next time you log in, decrypt your keys, then decrypt your files. If the courts can compel Mega to deliver unencrypted files as evidence, then the site is useless.

Re:Security hole 1, Kim Dotcom (1)

ThatsMyNick (2004126) | about 2 years ago | (#42657983)

However, the claim is completely broken. Mega is using a public/private key pair - generated by the web site - and so their servers actually *do* know both your keys, and *can* decrypt your data. So, basically, it is no more secure than dropbox.

Wrong. It is generated on the client side. Just because the web site generates it, doesnt mean the server has to know about it.

You are right about Mega being able to find the keys though. If they want to target you, they could modify the JS only for you and make the keys available to them. If you dont expect to be targetted for new uploads, it is indeed better than dropbox.

Re:Security hole 1, Kim Dotcom (2)

ThatsMyNick (2004126) | about 2 years ago | (#42658047)

Wait, I take that back. The private key is indeed stored on the server. So the only thing it, sort of, prevents is mass analysis of data (assuming they dont pull data analysis on the client side)

Re:Security hole 1, Kim Dotcom (1)

elucido (870205) | about 2 years ago | (#42659049)

That goes against everything they said in their press releases? So which is the truth? Why would they need to keep the keys if they are trying to protect themselves from prosecution?

Re:Security hole 1, Kim Dotcom (1)

elucido (870205) | about 2 years ago | (#42659001)

You can encypher your data before uploading on *any* site. At that point they are all equally secure. Kim's claim was that Mega was more secure by design.

However, the claim is completely broken. Mega is using a public/private key pair - generated by the web site - and so their servers actually *do* know both your keys, and *can* decrypt your data. So, basically, it is no more secure than dropbox.

The private key is generated on your computer and not the website. They don't have a copy of the private key.

Re:Security hole 1, Kim Dotcom (0)

Anonymous Coward | about 2 years ago | (#42656421)

You are aware that you can easily upload encrypted and signed files, and you don't need to rely on anyone else for that, don't you?

Isn't Some of this Stuff Sort of Nitpicking? (5, Interesting)

eldavojohn (898314) | about 2 years ago | (#42656235)

The SSL encryption being used on Mega appears to be 1024-bit encryption, which can be broken with far greater ease than 2048-bit encryption viewed as best-practice amongst experts.

Isn't this kind of nitpicking? Isn't the solution to this like changing a value in your configuration or properties files on both sides and watching performance drop a bit? I guess when you have that many users sign up at the drop of a hat, you're expected to have unblemished perfection available for all. But I don't really see this "riddled with security holes." Instead I'd say "needs improvement before you trust it with anything important." As a software developer, I'm prone to give people a break but I guess if your site isn't prepared to be hosted at DEFCON you're fodder.

I mean, some of these points are valid like I have no idea why you would choose to do this in JavaScript but I guess if you want it to run entirely contained within the browser you don't have much choice unless you start to get into platform specific things like nacl.

Sort of offtopic but why are we following this so closely? I mean, I understand he's challenging world governments by doing this again but do we have to watch every little step and misstep of Kim Dotcom? He's starting to rub me the wrong way as a sort of attention whore. The longer his fifteen minutes of fame last the bigger embarrassment he's going to have in the 24 hour news cycle's circle of hate. Ugh, and his name is something straight out of Idiocracy ... did he try to change his first name to "The Bomb" but was blocked by the TSA? :-)

Re:Isn't Some of this Stuff Sort of Nitpicking? (3, Insightful)

Dins (2538550) | about 2 years ago | (#42656299)

He's starting to rub me the wrong way as a sort of attention whore

No doubt. The man legally changed his name to Kim Dotcom. That's not attention whoreish at all...

/sarcasm

Re:Isn't Some of this Stuff Sort of Nitpicking? (2, Funny)

Anonymous Coward | about 2 years ago | (#42656465)

For the longest time I thought Kim Dotcom was a woman. I mused that perhaps she is an ex-pornstar? So I wasn't surprised or bothered by the blatant attention whoring. Then I saw his picture and... I remain deeply troubled.

Re:Isn't Some of this Stuff Sort of Nitpicking? (2)

hpoul (219387) | about 2 years ago | (#42656555)

The man legally changed his name to Kim Dotcom

btw. has anyone an idea how/where he "legally" changed his name? most german sources still refer to him as "kim schmitz", and i have found nothing which states if he changed his name in germany or finland (as it seems he has both citizenships) .. the german wikipedia entry only refers to the name saying "In Neuseeland tritt Schmitz unter dem Namen Kim Dotcom auf" - does this mean he simply used a wrong name when entering NZ, or did he change his name in NZ, but not in finland/germany?

Re:Isn't Some of this Stuff Sort of Nitpicking? (1)

V for Vendetta (1204898) | about 2 years ago | (#42658893)

To add to that: in Germany changing your name, especially your lastname, is generally not possible: "Im derzeit geltenden Namensrecht gilt der Grundsatz der Unabänderlichkeit des Namens." There are exceptions to that law, but I doubt that Schmitz applies for any of them.

Re:Isn't Some of this Stuff Sort of Nitpicking? (1)

SethJohnson (112166) | about 2 years ago | (#42658237)

But if the guy is already a celebrity, isn't attention-whoring part of his job description?

In a related topic, it's been something of an industry rumor for the past six months that Dice has made a confidential offer to an ex-member of the band, Guns-n-Roses, to change his last name to "dot org".

Re:Isn't Some of this Stuff Sort of Nitpicking? (5, Insightful)

DerekLyons (302214) | about 2 years ago | (#42656383)

Sort of offtopic but why are we following this so closely?

Because *everyone* loves a good reality show or celebrity meltdown. We all love to live vicariously, but different people chose different targets.
 
Thus, the Slashdot Demographic follows Dotcom, McAfee, etc... the way the rest of the world follows the Kardashian's, or Paris Hilton, or Lance Armstrong, or whatever their personal flavor of the month is.

Re:Isn't Some of this Stuff Sort of Nitpicking? (0)

Anonymous Coward | about 2 years ago | (#42656787)

the Kardashian's, or Paris Hilton, or Lance Armstrong

Who the hell are they?

Re:Isn't Some of this Stuff Sort of Nitpicking? (1)

MozeeToby (1163751) | about 2 years ago | (#42657993)

They're all people who are famous primarily for screwing other people people and having lots of evidence go public. ;)

Re:Isn't Some of this Stuff Sort of Nitpicking? (2)

NoSleepDemon (1521253) | about 2 years ago | (#42658019)

One likes to be ridden while high, the other likes to ride while high, and the third is just a skank.

Re:Isn't Some of this Stuff Sort of Nitpicking? (1)

dyingtolive (1393037) | about 2 years ago | (#42657631)

I don't know about that (though it could just be my gag reflex talking).

I follow this because I'm interested in the service and would like to see it actually survive, and also because it feels a lot like the plot to Cryptonomicon in real-life, minus constantly talking about how awesome one time pads are. The fact that Dotcom's name is attached to it is coincidental, at least, for me.

Oh, another difference: Psychotic lawyers are yet to appear in the real life version, though there has been some heavy foreshadowing in that direction.

Re:Isn't Some of this Stuff Sort of Nitpicking? (1)

dyingtolive (1393037) | about 2 years ago | (#42657643)

Oh, other reason to care: Free 50gb storage.

Re:Isn't Some of this Stuff Sort of Nitpicking? (0)

Anonymous Coward | about 2 years ago | (#42656459)

Considering all the data in the files are encrypted before being uploaded the SSL encryption is only needed to protect user login. I've just checked and it appears to be using 2048-bit encryption (for login at least) so it's either been fixed or wasn't an issue in the first place.

Re:Isn't Some of this Stuff Sort of Nitpicking? (1)

IRWolfie- (1148617) | about 2 years ago | (#42656883)

I mean, I understand he's challenging world governments by doing this again but do we have to watch every little step and misstep of Kim Dotcom? He's starting to rub me the wrong way as a sort of attention whore.

You make it sound like Kim Dotcom wrote the original (seemingly skewed) submission, rather than being the target of it.

Re:Isn't Some of this Stuff Sort of Nitpicking? (3, Informative)

fermion (181285) | about 2 years ago | (#42657029)

No, because it is promoted as a secure site that protects the users privacy. If we promoted as a place where users could get 50GB free space and there was an effort using various means to provide some insurance that user data was protected that would be different. One thing we have learned is that free data storage is seldom secure.

The point of the story is to shore up the idea that many of us have had. That the encryption is not intended to to one's data secure, or to insure privacy, but to provide a means by a arms length relationship between Mega and the data that user upload. This may force any future legal battles to be between right holders and individual uploader, not right holders and mega. If you wonder what the benefit of that is to Mega and uploader, just think of how corporations hate class action lawsuits.

But the damage occurs if users believe that the site is secure and private, so upload valuable information that Mega could later, through a change in the terms of use, mine or sell. Or some may use the site as the primary depository of data, then lose access to the data through the muddled security.

This is an interesting topic because many believe security is easy. That I can put 100 combination locks on a door and make it 100 time more secure. That I can advertise a product 'uses 4096 Bozo military grade encryption', plug a product that uses this encryption into the software, and automagically have a more secure product that uses 1024 bozo encryption.

Re:Isn't Some of this Stuff Sort of Nitpicking? (4, Informative)

Terrasque (796014) | about 2 years ago | (#42659429)

You haven't read their own FAQ [mega.co.nz] I take it?

They're actually upfront about threats to the user's security.

Is my stored data absolutely secure?

All security is relative. The following attack vectors exist - they are not specific to MEGA, but we want you to know about the risks:
Individual accounts are jeopardized by:
- Spyware on your computer. A simple keylogger is enough, but session credentials and keys could also be extracted from memory or the filesystem.
- Shoulder surfing. Do not type your password while someone could watch your keystrokes.
- Password brute-forcing. Use strong passwords.
- Phishing. Always confirm the security status of your connection (https://) and the correct domain name (mega.co.nz) before entering your password.

Large-scale attacks could be mounted through:
- A "man in the middle" attack. Requires issuing a valid duplicate SSL certificate in combination with DNS forging and/or attacks on our BGP routes (a DigiNotar-style scenario).
- Gaining access to the webservers hosting https://mega.co.nz/index.html [mega.co.nz] and replacing that file with a forged version (this would not affect access through the installed app base). Note that manipulating content on our distributed static content CDN does not pose a security risk, as all active content loaded from index.html is subject to verification with a cryptographic hash (think of it as some kind of "secure boot" for websites). This type of attack requires sending malicious code to the client and is therefore detectable.
- Gaining access to our core server infrastructure and creating forged key requests on existing shares. This type of attack only affects data in shared folders and is detectable on the client side as well.

What if I don't trust you? Is it still safe for me to use MEGA?

If you don't trust us, you cannot run any code provided by us, so opening our site in your browser and entering your password is off limits. If you still want to use MEGA, you have to do so through a client app that was written by someone you trust.

Doesn't that look pretty reasonable? What more do you want them to do? They created a pretty impressive webclient-driven easy-to-use file locker system, and they clearly spell out the problems with that approach.

Many of the article's points are pretty moot, btw. It does not use JS random function, they have extra verification for the 1024 bit SSL encrypted data, and the deduplication only works for shared files ("copy to my locker" functionality is mentioned - same data, same key, same place on the storage servers).

The part about mega.co.nz being able to send malicious code stealing your password is explicitly mentioned in their FAQ, and in a better way too. They even cover other attack vectors the article didn't.

They made a decent system, and they're upfront and honest about it's limitations. The article is at best FUD.

Re:Isn't Some of this Stuff Sort of Nitpicking? (1)

sacrilicious (316896) | about 2 years ago | (#42657291)

I agree with your main point(s) about how "riddled with security holes" is an overdramatization. But about the following:

Sort of offtopic but why are we following this so closely? I mean, I understand he's challenging world governments by doing this again but do we have to watch every little step and misstep of Kim Dotcom? He's starting to rub me the wrong way as a sort of attention whore.

... you sort of lose me in this part. You start off wondering why people are paying attention, and that's a fine/debatable question to kick around with the interested, but then you invert it and attribute people paying attention to KDC being an attention whore. I read this transition as going from "what's interesting about this and why does (e.g.) slashdot keep covering it" to "I don't like KDC's behavior".

If you don't like KDC, stop reading articles covering it. If you take issue with slashdot covering it, take your shot at the slashdot editors.

Personally, I don't see KDC's behavior as attention whoring any more than, say, Julian Assange's. One might be tired of hearing about Julian, but I think it's a real stretch (an impossible stretch, actually) to claim Julian is simply trying to garner media attention for the sake of no end but his own limelight. Ditto KDC. And if you let KDC's name-change cloud your assessment of the real substance of what he's doing, I guess that would suggest to me a disapointing lack of perspective on your part.

Re:Isn't Some of this Stuff Sort of Nitpicking? (1)

geminidomino (614729) | about 2 years ago | (#42657311)

Sort of offtopic but why are we following this so closely? I mean, I understand he's challenging world governments by doing this again but do we have to watch every little step and misstep of Kim Dotcom?

Can't speak for others, but for me personally, my reason is quite simple.

Fifty freakin' gigs. EOL

Re:Isn't Some of this Stuff Sort of Nitpicking? (1)

MozeeToby (1163751) | about 2 years ago | (#42657535)

Speaking of picking nits, isn't using javascript's random function to generate the key kind of nit picky also? First and foremost, they do gather entropy from user interaction (mouse movements and key presses). Ok, in theory if a user uses the minimum path, keyboard only navigation you could possibly, maybe figure things out. Except even thing, generating the key is a one time thing. Unless you're literally on the run from the NSA when you sign up for the service I just don't see it as that big of deal (in which case, personally I'd be using truecrypt to encrypt everything before I sent it to the cloud anyway).

Re:Isn't Some of this Stuff Sort of Nitpicking? (2)

Terrasque (796014) | about 2 years ago | (#42658337)

ALL of it is nitpicking, or just plain out wrong.

Lemme see, SSL part. Well, main site use 2048 bits, and the JS on that page loads and verifies all other resources. And file upload / downloads are already encrypted before SSL even touches them. So that point is completely moot.

And the "Mega server could send bad code" is already covered in Mega's own FAQ - well,duh. I doubt it comes as a shock to anyone.

As for the deduplication, I don't know. But there are ways to do that (like using file content hash as encryption key, for example - no idea if they actually do this - or just try to dedup the actual encrypted content. There is a (well, small) chance that two encrypted files have same data in a block). We just don't know, and making wild assumptions from it is .. just wrong.

Also, Mega does in fact NOT use JS random function. It use time sampling from user generated events, with RC4 as mixing function.

The whole article is just stupid. It makes wild assumptions, doesn't understand how (parts of) the site works, repeat things the site already informs users about, and are just plain wrong on some parts.

Is this yet another troll article by some attention hungry ad pushers?

Re:Isn't Some of this Stuff Sort of Nitpicking? (2)

Terrasque (796014) | about 2 years ago | (#42658421)

Dedupe update [forbes.com] :

"Deduplication is done based on the entire encrypted file and only happens if you either upload the same file encrypted with the same key twice (unlikely) or if you copy or import an existing file in your file manager (more likely)."

I was saying something about wild assumptions... Yep..

Servers located where ? (2, Insightful)

xushi (740195) | about 2 years ago | (#42656239)

"Security folk have also flagged problems with the fact that Mega uses a web browser to send encryption information, opening avenues for attackers to intercept keys by breaking SSL or by commandeering Mega's servers, some of which are said to be located in the United States."

Err, hang on.. I could swear I read a while ago that the whole point of all this was to have servers that are OUTSIDE of US ?

What's going on here?

Re:Servers located where ? (1)

MurukeshM (1901690) | about 2 years ago | (#42656287)

I thought the whole point was that Mega didn't have any servers. They outsource that part to several small file hosting sites. Maybe a few might be in the US?

Re:Servers located where ? (1)

MurukeshM (1901690) | about 2 years ago | (#42656295)

Damn me for not looking before clicking the submit button.

Taking the game to the opposition (-1)

Anonymous Coward | about 2 years ago | (#42656411)

If he'd run Mega according to the DMCA takedown rules, he wouldn't be facing the criminal charges he is facing now. So what he's doing is running the business Mega *should* have been, so he can present himself as a legitimate businessman, running 'Mega' [2] a legitimate business caught between piracy and an online business.

Part of that means running servers that can pass the DMCA rules in the USA, taking down content as DMCA requires, not having prior knowledge, not rewarding pirates with cash, not faking links and ignoring takedown requests and so on and so on. A clear "look-see" for all to see his legitimacy and calling the new one 'Mega' aswell, so he can fuzzy the difference between old and new in court.

Plus at extradition claim, he can say, "well look I have a business Mega, in the USA, that they can't touch, and it would be politically bad for you to extradite me for a business called 'mega' so why not just let it slide". Since extradition usually includes a political signature as well as a judicial process.

He's playing a clever game, at least he thinks he is, but the indictment is too strong for games like this to work and Judges take a dim view of games like this at court time.

Re:Taking the game to the opposition (1)

Anonymous Coward | about 2 years ago | (#42657595)

Thanks for that, FBI_disinformation_guy but you really should log on to post.

Re:Servers located where ? (0)

Anonymous Coward | about 2 years ago | (#42657829)

It's looking more and more like FUD. Not that I'd advocate trusting the site yet.

A grain of salt (4, Insightful)

aaaaaaargh! (1150173) | about 2 years ago | (#42656255)

While it seems likely that Mega's encryption is not exactly the creme de la creme of crypto implementations, I have also read some pretty dubious assessments of its cryptography, for example the review at Ars Technica which spreads more FUD than facts. Or take the claim in one of the above articles claims that the FBI is probably already typing their search warrants, which ignores the fact that this time not a single server is located within the US.

Perhaps some writers on tech news sites fear about their ad revenues?

Re:A grain of salt (1)

Terrasque (796014) | about 2 years ago | (#42656733)

I wrote a comment [slashdot.org] about the crypto system yesterday, from a outsider amateur's point of view. Nothing in that article was even surprising.

It's actually pretty cool, they do point out more or less the exact things in their FAQ [mega.co.nz] , which is surprisingly honest for such a site. Most would try to handwave it away or just outright ignore it.

As extra info to that comment I wrote earlier, I confirmed that they save a version of the RSA key on their server, and during login a blob of data is sent in (login user in cleartext, and probably hashed / crypted pw) to check if its a valid user before handling out the RSA key.

I can imagine sharing works like this : 1. find friend, 2. get pub key for friend, 3. decode file key with my private key, 4. encrypt it with friend's public key, 5. send to server

And sharing folders .. I guess each folder have an encrypted list of keys to files in it, and the key for the folder is encrypted with your key. So sharing a folder would then work much the same as sharing a file.

And regarding deduplication I saw an idea in a comment that could explain that. Every file is hashed locally, the hash being the actual AES key. Encrypt file, use pub RSA to encrypt hash, send both to server. Same file will be same file, dedup works, and everyone got their own key to it. That would also allow them to nuke all uploads of an illegal file, and keep "bad file" hash lists for child porn and similar.

Now, I haven't actually looked at the JS code for the service yet, so all of this guesstimate :)

Re:A grain of salt (2)

Terrasque (796014) | about 2 years ago | (#42657591)

Update : Regarding the random source, this [mega.co.nz] is the code they use, and it's from this project [google.com] . It use mouse and keyboard events (not all, math.random is used to decide which ones), with rc4 as mixing function.

And it seems to be running since page load (started in crypto0001,js) - AES function is from Stanford Javascript Crypto Library [stanford.edu] btw, and RSA code is from this project [sourceforge.net] .

Conspiracy theory (-1)

Anonymous Coward | about 2 years ago | (#42656261)

What if these reports on security issues are being published as a smear campaign to try to take the wind off mega's sail? After all, there are dozens of services out there, some of which are extermelly popular although they don't even encrypt the passwords, such as Dropbox.

Yet, to this day no one has ever bothered pointing out that all these dozens of hosting and file sharing services aren't perfectly safe, but it so happens that the one service that publicly announced that it was going directly against multinational media companies, the one which was already a target of criminal raid instigated by these companies, just so happens to get this unprecedented level of negative press, and all this before it even got up on its feet.

preprocessor?? (5, Insightful)

1u3hr (530656) | about 2 years ago | (#42656271)

"... Megaupload, Mega's preprocessor."

I expect this means "predecessor". The editors are actually paid in money to click "submit" without reading or understanding the articles?

Re:preprocessor?? (4, Funny)

coldsalmon (946941) | about 2 years ago | (#42656305)

They're using Megaupload as a preprocessor? Clever - that way there's no copyright infringement at compile time.

Re:preprocessor?? (1)

Rogerborg (306625) | about 2 years ago | (#42657493)

The Slashdot "editors" were replaced a decade ago by Very Small Shell Scripts written by Rob Malda's frat buddies. You're as well trying to win an argument with ELIZA.

Re:preprocessor?? (2)

tgd (2822) | about 2 years ago | (#42657511)

"... Megaupload, Mega's preprocessor."

I expect this means "predecessor". The editors are actually paid in money to click "submit" without reading or understanding the articles?

Your reply generated another ad view.

The editor's job was done.

Re:preprocessor?? (1)

1u3hr (530656) | about 2 years ago | (#42658655)

Your reply generated another ad view.

Not one seen by me anyway. I put up with the ads here till they started to do animated flash.

What did he expect? (0)

Anonymous Coward | about 2 years ago | (#42656273)

"On this front, reader mask.of.sanity points out a tool in development called MegaCracker that could reveal passwords as users sign up for the site."

He has pissed off America, what did he expect?

On the other hand, it could be a data gathering exercise.

Risky (-1, Flamebait)

myelizacitra (2818427) | about 2 years ago | (#42656279)

I don't think its secure as you say there are numerous problems in handling encryption, an XSS flaw and users can't change their passwords.No body can't take risk.... http://tiny.cc/qbgbrw [tiny.cc]

Where do I get a Mega preprocessor? (0)

Anonymous Coward | about 2 years ago | (#42656307)

Every one need a preprocessor...

Re:Where do I get a Mega preprocessor? (0)

Anonymous Coward | about 2 years ago | (#42656745)

You have to Megadownload one.

It's not a bug, it's a rich feature set (1)

roman_mir (125474) | about 2 years ago | (#42656309)

It's not a but, you are talking about a file sharing service that prevents file sharing while trying to make money on content distribution, this is a facade a charade, there have to be easy to exploit holes in there in order to be able to search and exchange content.

Chrome warns of an invalid certificate (1)

davecb (6526) | about 2 years ago | (#42656321)

Alas, Chrome of course won't tell me what is invalid, and neither firefox nor midori see a problem at all. This is accessing the site from Toronto, Ontario, via Rogers Cable.

Read the description of MEGA and was disappointed (1)

Omnifarious (11933) | about 2 years ago | (#42656323)

Seriously, I just spent a bunch of time playing with Tahoe-LAFS. And while it's a bit tricky to get running, it's a far better service in terms of security than MEGA is. The only thing it's missing is a front-end that allows it to use random cloud storage providers for its storage. And that's being written as we speak.

Re:Read the description of MEGA and was disappoint (0)

Anonymous Coward | about 2 years ago | (#42656501)

eh, I don't see what's so special about it. The benefit of Mega is access to your data from anywhere. All you need is a browser. T-LAFS requires filesystem driver and a gateway service upload. To access your data from other devices, you have to remotely access a gateway which may not be under your control, which mean ensuring the confidentiality and integrity of your data goes out the window.

Re:Read the description of MEGA and was disappoint (1)

Omnifarious (11933) | about 2 years ago | (#42657465)

You can access the gateway with a web browser if you want to. And the issue of whether or not the gateway is under your control is entirely up to you. It would be possible to write a gateway for a smart phone or DD-WRT.

Re:Read the description of MEGA and was disappoint (0)

Anonymous Coward | about 2 years ago | (#42656581)

In the mean time, you can just configure ownCloud to store data on a FUSE-mounted Tahoe-LAFS filesystem.

All about deniability (5, Insightful)

Melakh (2670043) | about 2 years ago | (#42656349)

Who cares if you can intercept the private encryption key (not often you get to say that) - seriously, noone with a brain is going to be uploading sensitive data to Mega and expecting them to take care of it. There are no multinationals sitting in the wings waiting to outsource storage of their customer's credit card numbers to Mega. This is just supposed to be Megaupload minus the ability for the recording industry to demand all copies of the same file get deleted and minus the ability for the FBI to be able to ask Mega a question and get an answer about what's stored.

Re:All about deniability (1)

wispoftow (653759) | about 2 years ago | (#42656447)

I agree with you. But I find myself in the "legitimate user camp": I want easy online storage and serving, but under the fundamental premise that I am the only one who can control who sees what.

Re:All about deniability (1)

flyingfsck (986395) | about 2 years ago | (#42657071)

Yup, it doesn't matter that the encryption is flawed. What is not flawed is that the same file, uploaded by different people, will result in a different sequence of bits. Therefore, there is no easy way for the **AA or any *** to compare files on the site with other files and come up with a list of 'infinging' files. The purpose of the encryption is really just scrambling and for that it is probably good enough.

Use the Linus back up method instead. (0)

Anonymous Coward | about 2 years ago | (#42656373)

Only wimps use tape backup: real men just upload their important stuff on ftp, and let the rest of the world mirror it ;) , Linus Torvalds.

Not just Mega (2)

wispoftow (653759) | about 2 years ago | (#42656395)

FTA:
"If they had bothered to read that they would have seen that we basically state exactly what they are accusing us of as possible attack vectors plus some others they are not accusing us of," said Ortmann. "All of these SSL-related attacks do no apply specifically to us. They apply to companies with equally high security requirements or even higher requirements."

And that just about sums it up for me.

Kim Dotcom (1, Interesting)

SexToyDR (2821565) | about 2 years ago | (#42656449)

I was shocked to learn how much money this guy made the first time around...I suppose he hasn't learned his lesson. I agree with eldavojohn, though; who cares about this guy?

Re:Kim Dotcom (0)

Anonymous Coward | about 2 years ago | (#42656683)

What lesson is that? Get busted, and they still let you live in a mansion?

Re:Kim Dotcom (4, Insightful)

Sloppy (14984) | about 2 years ago | (#42657647)

I was shocked to learn how much money this guy made the first time around...I suppose he hasn't learned his lesson.

Did the person who wrote the second half of that sentence, ever read the first part? Because the first part of your sentence says exactly what the lesson was, and Dotcom trying again is evidence that he did learn it.

Re:Kim Dotcom (1)

SethJohnson (112166) | about 2 years ago | (#42658735)

I'm not sure which 'first time around' you're referring to here... The pump-and-dump ponzi scheme he ran during the late nineties dot-com bubble or the MegaUpload website he ran in the later oughts? Both operations paid him handsomely, and he so far only did a short stint in jail on the stock fraud, but the case is pending against him on the MegaUpload website. He's got more money than OJ Simpson did when he hired his legal 'dream team', so there's a chance he might avoid prosecution for MegaUpload.

Nitpicking (1)

Anonymous Coward | about 2 years ago | (#42656545)

This does seem to be nit picking. The only real issue here is the XSS attack which as long as they fix quickly, isn't too bad. Compared to most sites I've seen this is a damned fort.

All data is encrypted before being uploaded so the SSL encryption is only needed to protect user login. I've just checked and it appears to be using 2048-bit encryption (for login at least) so it's either been fixed or wasn't an issue in the first place.

Mega could allow people to change passwords by decrypting the data with their current password and then encrypting it again with a new key and password. Not exactly a massive security problem though, now if they were stored in plain text...

Password overuse (2, Funny)

Anonymous Coward | about 2 years ago | (#42656617)

There is a global shortage of passwords as we have reached peak passwords. It is time to find alternative ways to secure our security.

You would really... (0)

Anonymous Coward | about 2 years ago | (#42656665)

be stupid to use his service.

We should help him (1)

onyxruby (118189) | about 2 years ago | (#42657053)

The community seems quite interested in using his services and seeing that he beat his legal case. I think it is reasonable that the community help Kim DotCom out on this. He's trying to protect your data as much as his ass, which is more than a lot of companies do.

Instead of bitching and moaning about what's wrong, we should help him fix it. Give Kim security, consider it a mutual internet fuck you to those that deserve it.

Maybe I'm Just Paranoid (0)

RoknrolZombie (2504888) | about 2 years ago | (#42657481)

Maybe I'm just paranoid, but what's the likelihood that Kim Dotcom has been bought? Doesn't anyone else find it a bit strange that after all of the bullshit he went through he's effectively opening the exact same business (with no fear, I might add)? Were I to use cloud storage (I don't) and if I were to use it for hosting illegal files, I would be concerned that my information is being made available directly to the feds.

Re:Maybe I'm Just Paranoid (0)

Anonymous Coward | about 2 years ago | (#42657965)

The implementation is different, and seems to be based directly around not giving the US a single crumb with which to launch a case against him. Of course it could be a front. But if you do some research on Dotcom, he seems exactly like the type of asshole to do this.

Deniability (0)

Anonymous Coward | about 2 years ago | (#42658099)

"But there are suspicions Mega is handing out encryption keys to users and touting strong security to cover its own back."

Too lazy to log in to post this or find the source for what I'm about to say when the submitter and editors were obviously extremely lazy with this submission. But Kim Dotcom literally said that this was all about deniability on their part. So guess what geniuses, your suspicions are true. Which changes what, exactly?

Security problems? surely you jest! (1)

xyourfacekillerx (939258) | about 2 years ago | (#42658159)

I thought pirates were good, ethical people, with an organic set of humanistic, good-willed principles that precluded. And people surely motivated by that philosophy to share unlicensed programs and movies (sorry, I mean information) would not exploit security features of the site that could compromise the security of visitors to that site. Right? Right guys? Copyright holders are bad and pirates are ethically superior, right??

No, no, I'm not trolling. More like making a sarcastic observation. 1000 threads at /. about the self-righteous "information is free" movement, it's amazing how many anyone can adopt that attitude or moral pride without shame given events such as this.

Re:Security problems? surely you jest! (1)

GodfatherofSoul (174979) | about 2 years ago | (#42658843)

Slashdot's content-lifting culture at it again. Always trying to rationalize what they do while simultaneously crying about the job market because people won't pay them good money for their efforts.

Re:Security problems? surely you jest! (0)

Anonymous Coward | about 2 years ago | (#42659137)

Go away, and take your strawman with you.

Socking! (0)

Anonymous Coward | about 2 years ago | (#42659013)

You found bugs in beta software? That is just shocking!

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?