Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Kim Dotcom's 'Mega' Storage Site Arrives

Soulskill posted about a year ago | from the raid-helicopters-on-their-way dept.

Cloud 314

An anonymous reader writes "After months of hype riding the coattails of the MegaUpload controversy, Kim Dotcom's new cloud storage site, Mega, is finally going live. After being available to early adopters briefly, it's now open to the public with 50GB of free storage and end-to-end encryption. Several outlets have posted early hands-on reports for the service, including Ars Technica and The Next Web. In an interview, Dotcom spoke about how Mega's encryption scheme benefits both the users and the company: 'The Mega business plan will be a distributed model, with hundreds of companies large and small, around the world, hosting files. A hosting company can be huge or it can own just two or three servers Dotcom says—just as long as it's located outside the U.S. "Each file will be kept with at least two different hosters, [in] at least two different locations," said Dotcom. "That's a great added benefit for us because you can work with the smallest, most unreliable [hosting] companies. It doesn't matter because they can't do anything with that data." More than 1000 hosts answered a request for expressions of interest on the Mega home page. Dotcom says several hundred will be active partners within months.' On top of that, the way it's designed will protect Mega from legal problems: 'It's all about the plausible deniability. Mega doesn't know what you're uploading. ... Mega isn't so much securing your files for you as it is securing itself from your files. If Mega just takes down all the DMCAed links, it will have a 100 percent copyrighted material takedown record as far as its own knowledge is concerned. It literally can't know about cases that aren't actively pointed out to it, complete with file decryption keys.'"

cancel ×

314 comments

Sorry! There are no comments related to the filter you selected.

Honeypot (0)

Quakeulf (2650167) | about a year ago | (#42634533)

This will obviously be watched very closely by some fellows with a lot of power.

Re:Honeypot (1)

Anonymous Coward | about a year ago | (#42634633)

How is it a honeypot though?

Re:Honeypot (5, Insightful)

gandhi_2 (1108023) | about a year ago | (#42634643)

It keeps the powers that be busy.

Re:Honeypot (2, Insightful)

Anonymous Coward | about a year ago | (#42635399)

> It keeps the powers that be busy.

it allows them to request bigger budgets.

I have quite a lot of legitimate data (3, Interesting)

symbolset (646467) | about a year ago | (#42635139)

This looks like a good service for me. Reasonable prices and strong encryption, universal cloud access. Heck of a deal. And it won't hurt my feelings to support the cause.

Re:Honeypot (4, Insightful)

sco08y (615665) | about a year ago | (#42634725)

This will obviously be watched very closely by some fellows with a lot of power.

Yes it's obvious that unknown persons with an unquantified amount of indeterminate influence will be watching a public website with an unspecified degree of closeness through some unmentioned mechanism.

Re:Honeypot (1, Informative)

Quakeulf (2650167) | about a year ago | (#42634759)

Since you couldn't understand what I meant: The feds, the music industry, the movie industry, the porn industry, the gaming industry and the software industry to name a few.

Re:Honeypot (3, Insightful)

modmans2ndcoming (929661) | about a year ago | (#42634809)

and all they will see is a bunch of encrypted files.

Re:Honeypot (1)

Anonymous Coward | about a year ago | (#42634839)

and all they will see is a bunch of encrypted files.

Will they steal my photographs again? I don't know which trees in the background of my photos are copyrighted.

wrong (0)

Anonymous Coward | about a year ago | (#42634883)

they will acquire the keys the same way they goto torrent sites and become members, then with said encryption keys YOUR PWNED
and mega says in there terms that they come after the user for there legal fees.
YA thats the way to instill me with confidence to use that....

Re:Honeypot (3, Insightful)

SuricouRaven (1897204) | about a year ago | (#42635177)

The site can't be monitored directly. That's the whole point. I'm sure they will be watching, but not directly. Were I in their place, I'd be looking for sites that link to files uploaded to Mega. A few careful google queries, a custom crawler, even entering into a few sneaky agreements with ISPs to do DPI and see where people are going. The idea not being to catch all the pirates, but to catch all the highly-visible pirates and the communities they form around. So only private, invite-only forums can survive.

hears a lever crank (0)

Anonymous Coward | about a year ago | (#42634841)

ROFL

Any one else with registration problems? (0)

Anonymous Coward | about a year ago | (#42634557)

Just registered and activated accounts are inaccessible. No, no typo, no failed memory, no caps lock on.

Anyone else or just me?

Re:Any one else with registration problems? (1)

sugarmotor (621907) | about a year ago | (#42634641)

me too

Re:Any one else with registration problems? (2)

dmbasso (1052166) | about a year ago | (#42635025)

Coincidentally today all my torrents stopped working, all tracker addresses are resolving to 127.0.0.1... anyone else having the same problem?

Re:Any one else with registration problems? (1)

mister_playboy (1474163) | about a year ago | (#42634671)

I can't even get the homepage to load.

Slashdotted, I'm sure... :P

hmm (0)

Anonymous Coward | about a year ago | (#42634573)

Seems more like the way it's marketed is "piracy market, just don't make it known"

It may take some time before it's a viable alternative to dropbox, but at the same time, I can feel the "ohshitdosomething" gears spinning at the RIAA, MPAA, BSA and so forth.

Re:hmm (3, Insightful)

K. S. Kyosuke (729550) | about a year ago | (#42634639)

OR, perhaps it's like a storage solution where you don't have to trust the storage company. If you store sensitive papers in a safety deposit box in a bank, you still have to trust the bank that nobody else will peek inside. With this, your privacy will be guaranteed by laws of nature.

Re:hmm (5, Informative)

Anonymous Coward | about a year ago | (#42634793)

No. This is a lot better than Dropbox. Dropbox has your files, knows what they're called, and knows what's in them. It is a basic, fairly bad, cloud storage service. All your data is subject to search and seizure.

On an audit of the code from Mega - which looks pretty solid - Mega has your files, but does NOT know what they're called or what's in them. Your data may still be subject to seizure - as MegaUpload very obviously demonstrated - but is NOT subject to search.

It's not the very first cloud storage service to do this, but so far as my audit shows, it's the first big one to do it properly. Seriously, look at the legit usage for this: This is the first really big cloud storage service you don't really have to trust to not leak your data. The risks are reduced: to seizure or other loss (which is ALWAYS a possibility, especially the way the US is being at the moment), or if they were made to backdoor it (though people might notice, as the JS would have to change, and that wouldn't affect client applications).

Re:hmm (0)

Anonymous Coward | about a year ago | (#42635265)

How do they do they encryption before upload? If the file goes to the unencrypted initially, then surely they'd have a record of it.

Re:hmm (1)

Anonymous Coward | about a year ago | (#42635303)

Encrypt on client, then send to server? The difficulty would be in verifying that this took place, but if this is done in JS, anyone should be able to verify that it is doing it (if they have the knowledge).

Re:hmm (2)

Kjella (173770) | about a year ago | (#42635309)

How do they do they encryption before upload? If the file goes to the unencrypted initially, then surely they'd have a record of it.

Well, there are AES implementations for JavaScript [google.com] .... not if I know that's what they're using or what the performance is like, but it's certainly possible to do it client side...

Re:hmm (0)

Anonymous Coward | about a year ago | (#42635405)

They could encrypt it using Javascript in the browser.

Megaupload? (1)

Janek Kozicki (722688) | about a year ago | (#42634577)

I wonder when/if he will be able to get back all the content from megaupload...

Re:Megaupload? (1)

DanielRavenNest (107550) | about a year ago | (#42634859)

I'm still waiting for final resolution of fallout from the 2007 financial meltdown. A mutual fund I had shares in lied about the value of mortgage-backed securities they held. The legal process is slow, so you can expect it to take several years for the return of user data.

Re:Megaupload? (1, Offtopic)

whoever57 (658626) | about a year ago | (#42635055)

I'm still waiting for final resolution of fallout from the 2007 financial meltdown. A mutual fund I had shares in lied about the value of mortgage-backed securities they held.

At this point, I think that it is pretty clear that almost no-one is going to be held to account for the illegal activities that led to the financial meltdown. If you are waiting for restitution from the mutual fund, I suggest that you give up.

In-browser encryption? (2)

edelbrp (62429) | about a year ago | (#42634607)

Anybody poke around yet to see how they do the client-side encryption w/o a plugin? I suppose it could be done in Javascript. Another thought I had is maybe using the SSL stream its self and storing that. I would hope they are at least not using Java or Flash.

In any case, I would imagine that this would attract a lot of attention to see just how secure the mechanism is.

Re:In-browser encryption? (2, Informative)

Anonymous Coward | about a year ago | (#42634709)

There are a few libraries...

http://code.google.com/p/crypto-js/

http://crypto.stanford.edu/sjcl/

Not all user agents support the File API (1)

tepples (727027) | about a year ago | (#42634777)

As far as I know, the ability to use JavaScript crypto libraries on an uploaded file relies on browser support for the File API, which isn't available in Internet Explorer before version 10 or Safari for iOS before iOS 6. This means it's not available in Internet Explorer for Windows XP, Internet Explorer for Windows Vista, or Safari for the first-generation iPad.

Re:Not all user agents support the File API (5, Informative)

kthreadd (1558445) | about a year ago | (#42634823)

or Safari for iOS before iOS 6

That's because Safari for iOS did not support uploading files before iOS 6, at all.

Re:Not all user agents support the File API (2, Funny)

Anonymous Coward | about a year ago | (#42635305)

Mac users don't need to upload things. They consume, rather than create stuff, so all of their apps are already on the cloud.

Re:In-browser encryption? (0)

Anonymous Coward | about a year ago | (#42634783)

I *assume* the encryption might be working two-fold:

One server-based and one simple SSL-based for all transmissions. It seems to make sense. You send your url and key to the server, which decrypts the data for you and then sends the file to you over SSL. The same for upload -> SSL, the server then encrypts and sends the key back to you.
Does this seem like Snakeoil to you? Not really, you're still getting a cloud-sharer that cannot look into your files and no one can bulk-steal them for anything useful. It is not as strong as advertised? Well, keep in mind their 2048 bit RSA encryption is basically for THEM so THEY can claim to law enforcement and copyright holders not to be able to open the stuff. Your security is the normal SSL transmission.

I am not saying it works like that but it would be a rather simple setup without ausing too many headaches. It could very well be the entire encrytion does indeed happen in the browser.

Also note the browser is just a temporary solution or one for the Quick and Dirty accesses. They plan to open an full API and I bet all the legit *cough* users this service will draw will soon have custom clients that satisfy all requirements you could think of.

Re:In-browser encryption? (0)

Anonymous Coward | about a year ago | (#42634785)

AES implemented completely in javascript. No idea what the performance is like.
I wonder if there is some kind of check that it performs server-side to ensure that the upload has been encrypted, i.e. to make sure that you haven't changed the client-side javascript to purposely upload plaintext files (so as to incriminate mega).

Re:In-browser encryption? (2)

sco08y (615665) | about a year ago | (#42634807)

Anybody poke around yet to see how they do the client-side encryption w/o a plugin? I suppose it could be done in Javascript. Another thought I had is maybe using the SSL stream its self and storing that. I would hope they are at least not using Java or Flash.

In any case, I would imagine that this would attract a lot of attention to see just how secure the mechanism is.

SSL wraps the entire HTTP session, so by the time your Javascript is running, everything is arriving as clear text.

There are any number of Javascript crypto libraries, and for small files it's probably Good Enough.

Re:In-browser encryption? (1)

mwvdlee (775178) | about a year ago | (#42634855)

I don't think Javascript alone can intercept uploaded files. They could use a flash tool to intercept the file and pass to javascript for encryption.

Re:In-browser encryption? (0)

Anonymous Coward | about a year ago | (#42635101)

Regardless of how encryption is done, Mega controls the code so it could be corrupted or compromised. If Hollywood wants to inspect someones archive they could just get legal order to have the company change the code and reveal the persons files .... and if Mega doesn't comply then they can't do business in the US. (and also, helicopters)

Clever (-1)

Anonymous Coward | about a year ago | (#42634661)

Sounds more like an acknowledgment that, 'Yes, we KNEW we were hosting pirated binaries before, but now we're much more clever at it".

Re:Clever (5, Insightful)

sco08y (615665) | about a year ago | (#42634753)

Sounds more like an acknowledgment that, 'Yes, we KNEW we were hosting pirated binaries before, but now we're much more clever at it".

It's more, "it's not our job to police our members and we've made it computationally impossible for us to do so."

Mega Conz (1)

Anonymous Coward | about a year ago | (#42634673)

Really, that's the name?

Re:Mega Conz (0)

Anonymous Coward | about a year ago | (#42634755)

Really, that's the name?

He had a different domain, but they gave him the boot at the last minute.... so it's .co.nz now.

Piracy (1)

physlord (1790264) | about a year ago | (#42634677)

"Legal Piracy: Take advantage of legal system loopholes!" seems to be the marketing strategy.

Well... I love it! :D

Willlful ignorance is a crime (1)

Anonymous Coward | about a year ago | (#42634689)

The internet police will be knocking on his door soon enough.

Re:Willlful ignorance is a crime (1)

BlueStrat (756137) | about a year ago | (#42634939)

Willlful ignorance is a crime...

The internet police will be knocking on his door soon enough.

Not to mention taking deliberate steps to avoid prosecution by hosting exclusively outside the US, in addition to obstructing justice by having mirrored servers in different countries, making it nearly impossible for the US DoJ/ICE to take down.

He's a "digital terrorist"!

Cue the drone strikes and SEAL raids.

Strat

Re:Willlful ignorance is a crime (5, Insightful)

flayzernax (1060680) | about a year ago | (#42635135)

And this may be one of the first cases for the Great Firewall of the USA to go up.

Mega.co.nz (0)

Zeroblitzt (871307) | about a year ago | (#42634693)

More like Mega... Conz.

Re:Mega.co.nz (1)

inamorty (1227366) | about a year ago | (#42635317)

Before you pat yourself on the back, have a quick look at how many times that particular gem has cropped up before [google.ie] ...

...and this will make money how? (0)

Lordfly (590616) | about a year ago | (#42634697)

Just wondering. If it's advertising, I don't see it lasting long.

Re:...and this will make money how? (1)

Lordfly (590616) | about a year ago | (#42634705)

For once I should have read the article. Pricing tiers. Still 50GB is a lot to give away.

Re:...and this will make money how? (-1, Troll)

Anonymous Coward | about a year ago | (#42634737)

50GB is 6 Dual layer DVD blanks, which at 30 cents each is a total of $2 worth of storage.

They are giving you $2 in exchange for showing you some ads and a chance to upsell you on the next tier.

Re:...and this will make money how? (5, Insightful)

kthreadd (1558445) | about a year ago | (#42634831)

I don't think they store the data on DVDs.

Re:...and this will make money how? (1, Interesting)

Anonymous Coward | about a year ago | (#42634879)

Of course they don't. But you could. There are differences, but basically this is the value proposition they are offering.

I might make sense for some people, because, for example, you can't stuff 6 dvds in a smartphone. But for others, putting your stuff on a dvd is as good as putting it in the cloud. Perhaps more so, since you have control of it, and it not subject to legal scrutiny unless the police raid your house.

Re:...and this will make money how? (1)

Zorpheus (857617) | about a year ago | (#42635017)

I don't know about others, but I store data on hard discs. DVDs ae just too small and impractical, and haddiscs so cheap nowadays.

Re:...and this will make money how? (1)

mwvdlee (775178) | about a year ago | (#42634889)

Somehow I don't think they'll be using DVD's to store the files. To be fair, they'll use whatever harddrive solution their hosting providers can get for the least amount of money, whatever that may be.

You don't calculate the cost of an internet connection by calculating the power consumption of all the '1' bits either.

Re:...and this will make money how? (0)

Anonymous Coward | about a year ago | (#42634731)

Well that is how he afforded these two [telegraph.co.uk] along with his humble home. [regmedia.co.uk] I'm sure he knows how to make money with advertising.

Re:...and this will make money how? (3, Insightful)

Anonymous Coward | about a year ago | (#42634743)

1. Setup a big, encrypted cloud storage. Make a loud rumble so everyone looks at it.
2. Charge for a) "Pro accounts" with more bandwidth and storage and b) advertising.
3. Profit.

The business plan is really no miracle or something.

Swiss Bank Accounts (1, Interesting)

brit74 (831798) | about a year ago | (#42634745)

So, basically, he's taken the "Swiss Bank Account" model that allows tyrants, dictators, and thieves to keep their money hidden and applied it to uploading illegal content. One major problem with KimDotcom's new model is the fact that Megaupload used to allow users to search for content (read: mostly copyrighted, illegally uploaded content). The search functionality is broken with the new model because your average user can't know the encryption key. This means most users will ignore megaupload and they will suffer from a lack of users. (Because, let's face it: the real reason Megaupload was *ever* popular was as a conduit for piracy. Kim Dotcom knows this, which is what his new move is about: enabling the piracy that makes his site popular, but trying to evade legal liability.)

Mega vs. Dropbox (1)

tepples (727027) | about a year ago | (#42634791)

So if it's online file storage with no search, then what makes it any different from, say, Dropbox or SkyDrive or Google Drive, other than that Mega offers a lot more, well, megabytes? (50,000 for Mega vs. 2,000-odd for Dropbox, assuming a reasonable number of rewards earned)

Re:Swiss Bank Accounts (1)

mister_playboy (1474163) | about a year ago | (#42634795)

The old MU didn't have any search functionality. None of the filehosts do. That's the reason 3rd part search sites which scraped the 'Net for filehost links appeared. RapidSearch, dealing with RS links, was the first I recall seeing.

Re:Swiss Bank Accounts (1)

Hadlock (143607) | about a year ago | (#42634797)

Once everything is up and running, this is going to beat the hell out of dropbox for actual file usage. Now I can just mirror my mom's entire home directory across her desktop and two laptops, rather than just 2gb of storage for her my documents folder.

Re:Swiss Bank Accounts (1)

Lisandro (799651) | about a year ago | (#42634813)

You can include the key with the download URL, afaik.

Re:Swiss Bank Accounts (4, Insightful)

Anonymous Coward | about a year ago | (#42634845)

Yeah, but I think the point is that third party indexer type sites will start popping up, allowing people who are members of such sites to traffic in digital information. As long as where it is hosted isn't liable for anything, there will be no real, long-term and effective way of preventing people from sharing information with a computer & the internet.

This is just the beginning of the evolution of information transfer (don't want to call it "piracy" - that word has been co-opted to mean something it does not - let's call a spade a spade here and use the term information transfer).

Re:Swiss Bank Accounts (2)

DriveDog (822962) | about a year ago | (#42635143)

That's it. Somebody gets it.

Re:Uses for Mega (2, Insightful)

DanielRavenNest (107550) | about a year ago | (#42634899)

I have plenty of use for a service like this, for:

* Offsite backup of my content creation and personal files. I have a backup external drive at home, but it's nice to have another copy offsite.
* Distributing technical data, which is all open-sourced. My home PC is bandwidth limited and not turned on all the time.

Note that with his distributed hosting, he can get along with a small number of users. It would just mean using fewer hosting providers to match the demand.

i like breaking the search (0)

Anonymous Coward | about a year ago | (#42634931)

now it makes it really really really hard for hollystupid or anyone for that matter to screw around
AWWW did he make it safer to use?

now why do they do this
"We keep records of IP addresses used to access our services."

Re:Swiss Bank Accounts (0)

Anonymous Coward | about a year ago | (#42635261)

Speaking from experience, I never searched Megaupload. I always attained the links at third party sites.

Re:Swiss Bank Accounts (1, Insightful)

Lucky_Norseman (682487) | about a year ago | (#42635333)

The Swiss Bank Account model is also what allowed jews in Germany to keep some of their family fortune out of the claws of the Reich.
Is that so evil?

Site under massive load (0)

Anonymous Coward | about a year ago | (#42634747)

it took 3 times to get it to send me a email to register. Cant get link from email to load. Site seems very overloaded

Re:Site under massive load (0)

Anonymous Coward | about a year ago | (#42634781)

oh.....i'm in. its generating massive 2048-bit key as we speak

Re:Site under massive load (0)

Anonymous Coward | about a year ago | (#42634819)

cant get anything to upload to the site now....seems pointless at the moment

Google Chrome (-1, Troll)

EricJ2190 (1016652) | about a year ago | (#42634849)

I just signed up with Firefox 18 and got the message:
"Warning: You are using an outdated browser, which adversely affects your file transfer performance. Please upgrade to Google Chrome."
Seriously, Mega?

Re:Google Chrome (0)

Anonymous Coward | about a year ago | (#42634891)

Yes, seriously.

MEGA needs some advanced HTML5 JavaScript APIs to be able to work effectively, and so far only Chrome and IE10 have implemented them in a release version yet (and IE10 has a memory leak in one).

http://caniuse.com/#feat=filesystem

Re:Google Chrome (3, Funny)

RedHackTea (2779623) | about a year ago | (#42635129)

Works fine for me on Opera.

Google Chrome only? (1)

Anonymous Coward | about a year ago | (#42634857)

"While other browser vendors are still struggling to implement the full spectrum of HTML5’s functionality, Google Chrome has it all - today. To enjoy MEGA's full power (such as automated batch up - and downloading), we strongly suggest abandoning your current, outdated browser and upgrading to Chrome as soon as possible."

That's with Firefox nightly.

Let us remember... (5, Informative)

blahplusplus (757119) | about a year ago | (#42634865)

... american corporations and their complaint criminal government have no credibility. Any society that allows such insane acts to be passed over and over again is not a country who's laws and businessmen should be taken seriously.

http://en.wikipedia.org/wiki/Copyright_Term_Extension_Act [wikipedia.org]

Re:Let us remember... (-1)

Anonymous Coward | about a year ago | (#42635199)

... american corporations and their complaint criminal government have no credibility. Any society that allows such insane acts to be passed over and over again is not a country who's laws and businessmen should be taken seriously.

http://en.wikipedia.org/wiki/Copyright_Term_Extension_Act [wikipedia.org]

Is it really insane folks? What's your stake in the content creation business? Consuming?

If you want to complain because of the potential locked up in old copyrighted works that could be used to generate new business opportunities... Well that would make you a businessman, but at least you'd start to have a sensible argument.

If you have no business interest and just want to consume shit, you don't really have skin in the game. Why should copyright be shortened just for entertainment purposes? That is insane.

Re:Let us remember... (3, Informative)

blahplusplus (757119) | about a year ago | (#42635335)

"Is it really insane folks?"

Yes it is. Why can't I repair games or get access to source code? Why don't videogames and their source-code and art assets go into a library (being a cultural work like books)? I could go on and on about all the people who's ability to create and solve problems are constrained by such criminal laws.

The current laws are merely rent seeking protectionist conservative nanny statism for corporations. Anyone who disputes this is naturally not very bright.

In economics, rent-seeking is an attempt to obtain economic rent by manipulating the social or political environment in which economic activities occur, rather than by creating new wealth.

And what is copyright? Government enforced monopoly pushed by big business. How is preventing people from using non-scarce ideas a good idea over the long term? You can't justify it at all rationally. You're creating huge amounts of inefficiency because it puts up barriers to creativity and problem solving by anyone who is not fairly wealthy.

Re:Let us remember... (1, Interesting)

Anonymous Coward | about a year ago | (#42635401)

If you have no business interest and just want to consume shit, you don't really have skin in the game. Why should copyright be shortened just for entertainment purposes? That is insane.

I'll pay $80,000+ in PERSONAL taxes alone this year (nevermind the additional taxes as a small business part-owner).

I'm funding the military and diplomatic regime that asserts ever-expanding IP rents across the globe.

I got fucking skin in the game, it was peeled off me, asshole.

"Mega doesn't know what you're uploading" (1)

rsmith-mac (639075) | about a year ago | (#42634897)

Mega doesn't know what you're uploading... but they definitely care. Ad impressions will pay regardless of whether content is legitimate or not, but just like Megaupload their paid subscriptions (starting at 10EUR/month) will only sell if there's illegal content on the service.

Is there a standalone app? (3, Insightful)

grahamsaa (1287732) | about a year ago | (#42634903)

I really have no interest in just uploading or downloading files through my browser. When this was announced I heard that they were going to support mounting / folder syncing, but I'm not seeing anything like that yet. Am I missing something?

Re:Is there a standalone app? (2)

RedHackTea (2779623) | about a year ago | (#42635141)

https://mega.co.nz/#developers [mega.co.nz]
As far as their future (at bottom) [mega.co.nz] , it looks like they'll just be developing this for the browser, but the API appears to be fully open for developers.

DDoSed (1)

MouseTheLuckyDog (2752443) | about a year ago | (#42634923)

Someone told me that it is being DDoSed. All I know is that I can't get it yet.

Re:DDoSed (3, Insightful)

Anonymous Coward | about a year ago | (#42635011)

Try to access with https://

Re:DDoSed (2)

MouseTheLuckyDog (2752443) | about a year ago | (#42635083)

Oh the embarassment.

back to "how secure can it be if it's deduped" (1)

Anonymous Coward | about a year ago | (#42634929)

from their TOS : "Our service may delete a piece of data you upload or give someone else access to where it determines that that data is an exact duplicate of original data already on our service"

http://cl.ly/image/3E1c260l1w2F

This is secure / plausibly deniable how, exactly, if they're capable of deuping across accounts?

Re:back to "how secure can it be if it's deduped" (0)

Anonymous Coward | about a year ago | (#42635039)

so add a nfo file
and it wont be the same
gee do i need to teach you to be a pirate, did you learn how to use a spoon form mommy?

Re:back to "how secure can it be if it's deduped" (2)

OdinOdin_ (266277) | about a year ago | (#42635063)

dedupe doesn't need to understand what the data is only that the data is identical. so now the 2 copies of data they make are now shared by 2 or more accounts (for that block allocation unit at least). The likelihood of duplication occurring however is small, as any cryptographic file storage system when reformatted by the same user to store inside exactly the same data will have completely different encrypted data. This is due to the session key and block perturbation scheme.

I can only think that this is a clause to cover some kind of legal angle maybe due to the way someone else might claim gained access to your (private) data, when really all they did was have access to an encrypted block of data that both you and the other guy happened to upload that happened to be identical. With copy-on-write when one of you changes that block of data you would presume the system unshares the data. The most obvious case for deduplication would be blocks of zeroed data.

Re:back to "how secure can it be if it's deduped" (1)

SuricouRaven (1897204) | about a year ago | (#42635209)

Making a wild guess, they might be keeping the hash of the unencrypted file. That way if someone else tries to upload the same file they can still detect it, and just supply a link to the already-encrypted file.

Re:back to "how secure can it be if it's deduped" (2, Insightful)

Anonymous Coward | about a year ago | (#42635397)

But they don't have the encryption key. Not having the encryption key is a crucial part of their plausible deniability defence against hosting copyright infringing files. And if they don't have the encryption key they can't point someone at another copy of the same encrypted file since the user won't have the encryption key to decrypt it.

Do I have this right? (1)

Anonymous Coward | about a year ago | (#42635041)

"I Kim am not going to prison for you pirates again but the process have gained me some powerful insight. Take heed, we're logging user info and will sell you out if necessary just like ALL other legit cloud services. The encryption means we can't see your shit so we're not responsible and thus don't care what you store here. No hashing a db and files disappearing mysteriously. Unlike those other services, we’re warning you in plain English instead of confusing legal jargon; use tor, a disposable email address, prepaid CC, fake name and strip identifying metadata from all content if you plan on using this service for shady purposes. Enjoy and welcome to Mega!”

So, it won't be the Megaupload of old but will make for a good sneaker net alternative or, as difficult as it might seem to accept, a legitimate and safe service for your private and public data.

Deletion of duplicate files (5, Interesting)

HighlyIrregular (2784665) | about a year ago | (#42635091)

They mention in their TOS that they retain the right to delete duplicate files when more than one user uploads exactly the same file, which is sensible of course. But can anyone tell me how they can do this if they don't have the encryption key?

Re:Deletion of duplicate files (1)

Anonymous Coward | about a year ago | (#42635145)

Seems like it would be easy enough to create a checksum prior to encryption that is stored specifically for this purpose.

Re:Deletion of duplicate files (2)

MouseTheLuckyDog (2752443) | about a year ago | (#42635165)

Yes but then how do you decrypt the file if it was encrypt with a different key. More likely they mean same post encryption.

Re:Deletion of duplicate files (1)

HighlyIrregular (2784665) | about a year ago | (#42635181)

Seems like it would be easy enough to create a checksum prior to encryption that is stored specifically for this purpose.

That was the only method I could think of. Suddenly your files aren't quite so private. If the code is open source, it will be possible to see if this method is used though.

Re:Deletion of duplicate files (0)

Anonymous Coward | about a year ago | (#42635225)

If you encrypted two identical files with the same encryption key wouldn't you end up with two identical encrypted files? That wouldn't require a checksum nor decryption.

Re:Deletion of duplicate files (1)

Anonymous Coward | about a year ago | (#42635319)

Yes, but if everyone is using the same encryption key, the protection is gone.

Re:Deletion of duplicate files (1)

Anonymous Coward | about a year ago | (#42635355)

I just checked this and discovered two identical files encrypted with the same key are not the same (tried it with GPG on my home machine). So it looks like a pre-uploaded checksum would probably be required.

Re:Deletion of duplicate files (0)

Anonymous Coward | about a year ago | (#42635253)

hashsums compared with database along with with the encrypted data?

And geo-load-balanced, too! (1)

Rob_Bryerton (606093) | about a year ago | (#42635321)

I seem to be connected to the Utah facility.... it's very fast!

Comcast (1)

onyxruby (118189) | about a year ago | (#42635359)

On Comcast they appear to be blocking uploads to the website. I can access and interact with the site but all uploads are completely blocked.

50 GB? (1, Flamebait)

DogDude (805747) | about a year ago | (#42635383)

50 GB? I know this guy's famous, but other than that, is there any other reason I should care? I measure my storage in TB, these days. 50 GB is only about 10 movies (or less).
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>