Kim Dotcom's 'Mega' Storage Site Arrives

An anonymous reader writes "After months of hype riding the coattails of the MegaUpload controversy, Kim Dotcom's new cloud storage site, Mega, is finally going live. After being available to early adopters briefly, it's now open to the public with 50GB of free storage and end-to-end encryption. Several outlets have posted early hands-on reports for the service, including Ars Technica and The Next Web. In an interview, Dotcom spoke about how Mega's encryption scheme benefits both the users and the company: 'The Mega business plan will be a distributed model, with hundreds of companies large and small, around the world, hosting files. A hosting company can be huge or it can own just two or three servers Dotcom says—just as long as it's located outside the U.S. "Each file will be kept with at least two different hosters, [in] at least two different locations," said Dotcom. "That's a great added benefit for us because you can work with the smallest, most unreliable [hosting] companies. It doesn't matter because they can't do anything with that data." More than 1000 hosts answered a request for expressions of interest on the Mega home page. Dotcom says several hundred will be active partners within months.' On top of that, the way it's designed will protect Mega from legal problems: 'It's all about the plausible deniability. Mega doesn't know what you're uploading. ... Mega isn't so much securing your files for you as it is securing itself from your files. If Mega just takes down all the DMCAed links, it will have a 100 percent copyrighted material takedown record as far as its own knowledge is concerned. It literally can't know about cases that aren't actively pointed out to it, complete with file decryption keys.'"

Megaupload?

[Janek Kozicki]

I wonder when/if he will be able to get back all the content from megaupload...

Re:

[DanielRavenNest]

I'm still waiting for final resolution of fallout from the 2007 financial meltdown. A mutual fund I had shares in lied about the value of mortgage-backed securities they held. The legal process is slow, so you can expect it to take several years for the return of user data.

Re:

[whoever57]

I'm still waiting for final resolution of fallout from the 2007 financial meltdown. A mutual fund I had shares in lied about the value of mortgage-backed securities they held.

At this point, I think that it is pretty clear that almost no-one is going to be held to account for the illegal activities that led to the financial meltdown. If you are waiting for restitution from the mutual fund, I suggest that you give up.

In-browser encryption?

[edelbrp]

Anybody poke around yet to see how they do the client-side encryption w/o a plugin? I suppose it could be done in Javascript. Another thought I had is maybe using the SSL stream its self and storing that. I would hope they are at least not using Java or Flash.

In any case, I would imagine that this would attract a lot of attention to see just how secure the mechanism is.

Re:

[Anonymous Coward]

There are a few libraries...

http://code.google.com/p/crypto-js/

http://crypto.stanford.edu/sjcl/

Not all user agents support the File API

[tepples]

As far as I know, the ability to use JavaScript crypto libraries on an uploaded file relies on browser support for the File API, which isn't available in Internet Explorer before version 10 or Safari for iOS before iOS 6. This means it's not available in Internet Explorer for Windows XP, Internet Explorer for Windows Vista, or Safari for the first-generation iPad.

Re:Not all user agents support the File API

[kthreadd]

or Safari for iOS before iOS 6

That's because Safari for iOS did not support uploading files before iOS 6, at all.

Re:

[Anonymous Coward]

Mac users don't need to upload things. They consume, rather than create stuff, so all of their apps are already on the cloud.

Re:

[sco08y]

Anybody poke around yet to see how they do the client-side encryption w/o a plugin? I suppose it could be done in Javascript. Another thought I had is maybe using the SSL stream its self and storing that. I would hope they are at least not using Java or Flash.

In any case, I would imagine that this would attract a lot of attention to see just how secure the mechanism is.

SSL wraps the entire HTTP session, so by the time your Javascript is running, everything is arriving as clear text.

There are any number of Javascript crypto libraries, and for small files it's probably Good Enough.

Re:

[mwvdlee]

I don't think Javascript alone can intercept uploaded files. They could use a flash tool to intercept the file and pass to javascript for encryption.

Re:In-browser encryption?

[monkeyhybrid]

Javascript can access and process file data directly with the HTML5 File API [w3.org] which is supported by recent versions of most major browsers [caniuse.com].

Javascript-infestd site

[aNonnyMouseCowered]

The old Mega-Upload did use Flash for some functions, such as directories for multiple file downloads. I believe the architecture was up- or downgrade, take your pick, to Javascirpt just before the Big Raid.

However, what made the old Mega a popular download site was that it was perfectly possible to download using simple non-browser based tools, including the commandline hacker's download manager of choice, wget. And Mega's files where infinitely resumable, even across different IP addresses even using the

Re:

[icebike]

You send your url and key to the server, which decrypts the data for you and then sends the file to you over SSL.

That would be silly. Why do server side decrypton/encryption when you can do that on the client side and truly have ZERO knowledge of file content.

You want to download your file, they send you gibberish that only your client can decrypt because only it has your private key.

Even directory listings and indexes to your files could be maintained on the client, encrypted and uploaded to the service. Then when you want to fetch, add or erase a file, you ask for the encrypted directory, find the name of the part

Re:

[icebike]

Regardless of how encryption is done, Mega controls the code so it could be corrupted or compromised. If Hollywood wants to inspect someones archive they could just get legal order to have the company change the code and reveal the persons files .... and if Mega doesn't comply then they can't do business in the US. (and also, helicopters)

Ah, no.

Even with public key encryption, you can't program your way around a missing private key.
If done right, with a warrant in hand, and a gun to their head, they still could not decrypt your files.

Let us remember...

[blahplusplus]

... american corporations and their complaint criminal government have no credibility. Any society that allows such insane acts to be passed over and over again is not a country who's laws and businessmen should be taken seriously.

http://en.wikipedia.org/wiki/Copyright_Term_Extension_Act [wikipedia.org]

Re:Let us remember...

[guttentag]

... american corporations and their complaint criminal government have no credibility.

I'd like to file a slashdot-compliant complaint about your misspelling of the word compliant in your complaint.

Re:Let us remember...

[blahplusplus]

"Is it really insane folks?"

Yes it is. Why can't I repair games or get access to source code? Why don't videogames and their source-code and art assets go into a library (being a cultural work like books)? I could go on and on about all the people who's ability to create and solve problems are constrained by such criminal laws.

The current laws are merely rent seeking protectionist conservative nanny statism for corporations. Anyone who disputes this is naturally not very bright.

In economics, rent-seeking is an attempt to obtain economic rent by manipulating the social or political environment in which economic activities occur, rather than by creating new wealth.

And what is copyright? Government enforced monopoly pushed by big business. How is preventing people from using non-scarce ideas a good idea over the long term? You can't justify it at all rationally. You're creating huge amounts of inefficiency because it puts up barriers to creativity and problem solving by anyone who is not fairly wealthy.

"Mega doesn't know what you're uploading"

[rsmith-mac]

Mega doesn't know what you're uploading... but they definitely care. Ad impressions will pay regardless of whether content is legitimate or not, but just like Megaupload their paid subscriptions (starting at 10EUR/month) will only sell if there's illegal content on the service.

Is there a standalone app?

[grahamsaa]

I really have no interest in just uploading or downloading files through my browser. When this was announced I heard that they were going to support mounting / folder syncing, but I'm not seeing anything like that yet. Am I missing something?

Re:

[RedHackTea]

https://mega.co.nz/#developers [mega.co.nz]
As far as their future (at bottom) [mega.co.nz], it looks like they'll just be developing this for the browser, but the API appears to be fully open for developers.

Re:

[Anonymous Coward]

According to their FAQ they intend to support this in the future. But access to their servers is done through HTTP and JSON, and the CRUD functions map to a subset of POSIX filesystem API. so it should be possible to make a FUSE driver for Linux or a synced folder implementation for any platform.

Right now their site only really fully supports desktop version of Google Chrome, less complete support for other major browsers, and no mobile platform apps. But because their service is written in unobfuscated Jav

Deletion of duplicate files

[HighlyIrregular]

They mention in their TOS that they retain the right to delete duplicate files when more than one user uploads exactly the same file, which is sensible of course. But can anyone tell me how they can do this if they don't have the encryption key?

Re:

[MouseTheLuckyDog]

Yes but then how do you decrypt the file if it was encrypt with a different key. More likely they mean same post encryption.

Re:

[Bitsy Boffin]

Nope, doesn't work, think it though

User A uploads file encrypted with his keys, and hash of unencrypted file
User B uploads same file encrypted with his keys, and same hash of unencrypted file

Mega sees hash are same and deletes User B's file, linking to User A's
... time passes ...
User B downloads the file.... now what? User B doesn't have A's keys, he can't decrypt it. Mega doesn't have A's keys, they can't decrypt it for him. There is no way for B to get the decrypt the file.

I would say t

Comcast

[onyxruby]

On Comcast they appear to be blocking uploads to the website. I can access and interact with the site but all uploads are completely blocked.

50 GB?

[DogDude]

50 GB? I know this guy's famous, but other than that, is there any other reason I should care? I measure my storage in TB, these days. 50 GB is only about 10 movies (or less).

Re:

[Anonymous Coward]

Oh, so where do you store your TB of encrypted files on the internet for free?

yeah, right

[Tom]

If Mega just takes down all the DMCAed links, it will have a 100 percent copyrighted material takedown record as far as its own knowledge is concerned.

Yeah, right. Because judges are stupid and fall for even the most transparent and obvious front. *facepalm*

You'd think his n-th run-in with the legal system would've made him a bit smarter. I feel sorry for the next bunch of naive folks he'll take down with him when they bust Mega and folks lose their data again.

Re:hmm

[K. S. Kyosuke]

OR, perhaps it's like a storage solution where you don't have to trust the storage company. If you store sensitive papers in a safety deposit box in a bank, you still have to trust the bank that nobody else will peek inside. With this, your privacy will be guaranteed by laws of nature.

Re:hmm

[Anonymous Coward]

No. This is a lot better than Dropbox. Dropbox has your files, knows what they're called, and knows what's in them. It is a basic, fairly bad, cloud storage service. All your data is subject to search and seizure.

On an audit of the code from Mega - which looks pretty solid - Mega has your files, but does NOT know what they're called or what's in them. Your data may still be subject to seizure - as MegaUpload very obviously demonstrated - but is NOT subject to search.

It's not the very first cloud storage service to do this, but so far as my audit shows, it's the first big one to do it properly. Seriously, look at the legit usage for this: This is the first really big cloud storage service you don't really have to trust to not leak your data. The risks are reduced: to seizure or other loss (which is ALWAYS a possibility, especially the way the US is being at the moment), or if they were made to backdoor it (though people might notice, as the JS would have to change, and that wouldn't affect client applications).

Re:

[icebike]

It's not the very first cloud storage service to do this, but so far as my audit shows, it's the first big one to do it properly.

Take a look at Spideroak [spideroak.com] and explain why you think they did it wrong.

Re:

[Anonymous Coward]

megaupload lets you share individual files or folders with others while still keeping the contents hidden from megaupload. SpiderOak uses one encryption key for everything, which only you hold and gives only you access to your data.

SpiderOak is zero-knowledge encrypted cloud backup/storage/remote disk, MegaUpload is a an encrypted Dropbox/fileshare/(future)collaboration tool. They occupy slightly different application spaces.

Re:

[Kjella]

How do they do they encryption before upload? If the file goes to the unencrypted initially, then surely they'd have a record of it.

Well, there are AES implementations for JavaScript [google.com].... not if I know that's what they're using or what the performance is like, but it's certainly possible to do it client side...

Just encrypt yourself prior to upload then.

[elucido]

But encrypting by them makes it secure for THEM.

Re:hmm

[icebike]

If they did ti correctly, they could provide the source code for the client side encryption, and let you build your own client from it.

After all, the best encryption is the kind that even if they tell you exactly how it works and show you the code, you STILL can't break it in any reasonable time frame.

Re:hmm

[icebraining]

To add to that, they do have API [mega.co.nz] and let you build clients with it, although you need to have it approved with them.

Re:

[sugarmotor]

me too

Re:

[dmbasso]

Coincidentally today all my torrents stopped working, all tracker addresses are resolving to 127.0.0.1... anyone else having the same problem?

Re:

[sugarmotor]

Now got through, first upload failed. Not really important, for sure.

Re:

[mister_playboy]

I can't even get the homepage to load.

Slashdotted, I'm sure... :P

Re:

[Tubal-Cain]

Had to allow Javascript to get past the SSL error.

Re:Honeypot

[sco08y]

This will obviously be watched very closely by some fellows with a lot of power.

Yes it's obvious that unknown persons with an unquantified amount of indeterminate influence will be watching a public website with an unspecified degree of closeness through some unmentioned mechanism.

Re:

[Quakeulf]

Since you couldn't understand what I meant: The feds, the music industry, the movie industry, the porn industry, the gaming industry and the software industry to name a few.

Re:Honeypot

[modmans2ndcoming]

and all they will see is a bunch of encrypted files.

Re:

[icebike]

Why would MEGA know your encryption keys?
Why would you give them to anyone?

They can't even see they are photographs

[SuperKendall]

Will they steal my photographs again?

Since as stated all the files are encrypted, they can't do anything with your photos.

Re:Honeypot

[SuricouRaven]

The site can't be monitored directly. That's the whole point. I'm sure they will be watching, but not directly. Were I in their place, I'd be looking for sites that link to files uploaded to Mega. A few careful google queries, a custom crawler, even entering into a few sneaky agreements with ISPs to do DPI and see where people are going. The idea not being to catch all the pirates, but to catch all the highly-visible pirates and the communities they form around. So only private, invite-only forums can survive.

Re:

[elucido]

The site can't be monitored directly. That's the whole point. I'm sure they will be watching, but not directly. Were I in their place, I'd be looking for sites that link to files uploaded to Mega. A few careful google queries, a custom crawler, even entering into a few sneaky agreements with ISPs to do DPI and see where people are going. The idea not being to catch all the pirates, but to catch all the highly-visible pirates and the communities they form around. So only private, invite-only forums can survive.

None of that will be useful when you consider the cost vs benefit. Sure if they invest a billion dollars a year in every country and treat it like the War on Drugs then they will initiate an arms race but what is the point?

Re:

[Anonymous Coward]

What do you mean? Like, bombing brown people? Check.

Re:

[ganjadude]

you sign up with a pre-paid CC and use a new email address you only use with mega? Seems pretty trivial to me

Re:Honeypot

[jamstar7]

Meh, I don't think the RIAA/MPAA are interested in any more warrants or lawsuits; on average, they lose a lot of money on them. The Verizon deal is great to them because it cuts all those "due process" requirements and it's therefore much cheaper per user.

Why should they care? It's not their money. The whole point of the *AAs getting copyright infringement redefined as a criminal act rather than a civil act was so the taxpayer foots the bill for prosecution, not the *AA. Once the complaint is signed in a criminal case, it's up to the government to investigate, serve warrants, make arrests, haul defendants in front of a judge, etc. In civil cases, it's up to the plaindiff to do all that gruntwork, without the benefit of arrest powers and police backup.

Re:

[Jane Q. Public]

"Since you couldn't understand what I meant: The feds, the music industry, the movie industry, the porn industry, the gaming industry and the software industry to name a few."

Echo the other responses so far.

But also: it doesn't much matter until it actually starts working; it appears to have been Slashdotted. Sample upload is frozen; doesn't work in any browser tried so far.

Re:

[Tumbleweed]

This looks like a great place to store a large number of heavily encrypted psuedo-random garbage files.

Bullshit, technologically not possible.

[elucido]

If it's using public key cryptography then there is no way for it to be a honeypot. The prive encryption key determines the security of your files and the public key determines who can access your files. PKI.

Re:Honeypot

[gandhi_2]

It keeps the powers that be busy.

Re:

[Anonymous Coward]

> It keeps the powers that be busy.

it allows them to request bigger budgets.

Re:

[six025]

> It keeps the powers that be busy.

it allows them to request bigger budgets.

We can only hope that the screws are turned so tight the system blows up in their faces. Nothing else has worked so far in how many thousands of years? :(

Peace,
Andy.

Re:

[jamstar7]

It keeps the powers that be busy.

You say that like it's a bad thing. Half a sec, this torrent is finishing... :D

I have quite a lot of legitimate data

[symbolset]

This looks like a good service for me. Reasonable prices and strong encryption, universal cloud access. Heck of a deal. And it won't hurt my feelings to support the cause.

Re:

[Lordfly]

For once I should have read the article. Pricing tiers. Still 50GB is a lot to give away.

Re:...and this will make money how?

[kthreadd]

I don't think they store the data on DVDs.

Re:

[Zorpheus]

I don't know about others, but I store data on hard discs. DVDs ae just too small and impractical, and haddiscs so cheap nowadays.

Re:

[cheekyjohnson]

Most of us don't even bother with HDDs or SSDs - just DVDs.

Most of who? I somewhat doubt that.

Re:

[mwvdlee]

Somehow I don't think they'll be using DVD's to store the files. To be fair, they'll use whatever harddrive solution their hosting providers can get for the least amount of money, whatever that may be.

You don't calculate the cost of an internet connection by calculating the power consumption of all the '1' bits either.

Re:

[Anonymous Coward]

1. Setup a big, encrypted cloud storage. Make a loud rumble so everyone looks at it.
2. Charge for a) "Pro accounts" with more bandwidth and storage and b) advertising.
3. Profit.

The business plan is really no miracle or something.

Re:

[MichaelSmith]

The other idea I saw is that to use their free service you have to install their ad-blocker which replaces normal advertisments on web pages with their advertisments. Its shonky as hell but I can see it working for them.

Re:Clever

[sco08y]

Sounds more like an acknowledgment that, 'Yes, we KNEW we were hosting pirated binaries before, but now we're much more clever at it".

It's more, "it's not our job to police our members and we've made it computationally impossible for us to do so."

Re:

[crankyspice]

Sounds a lot like the "willful ignorance" that Aimster tried to pull off, and got smacked down for. https://bulk.resource.org/courts.gov/c/F3/334/334.F3d.643.02-4125.html [resource.org]

Re:Clever

[Tom]

No, you are missing the GP's point.

The legal system doesn't fall for these lame attempts at "hack the law". They've been dealing with creative interpretations, weasel-wording, finding-of-loopholes and everything else we techies think we're masters of for more than two milennia. Ourt "brilliant hacks" are barely worth a yawn in the area of law.

GP is completely right. A judge will look at this and basically say "dude, seriously?". The prosecution will have to prove its case, sure. But Kim and most techies think that's a problem of mathematics, and by adding a tiny variable of unknown value to the equation, they can make it impossible to solve.

But that's not how the law works. At all.

Disclaimer: I'm a techie, not a lawyer. But through business I've had more then ample contact with the legal system, including many court cases.

Re:Clever

[Tom]

Problem here is that you will have to outright ban encryption to solve this problem.

You're thinking techie again, not legalese.

The law is quite familiar with seemingly shizophrenic approaches. For example, they have an odd thing that is neither OR nor AND nor XOR - a lawyer can claim that his client wasn't even near the crime scene at that time, but if he was he didn't do it, and if he did then he was intoxicated and not in his right mind. He can claim all of these three as true at the same time, and nobody in the courtroom will even raise an eyebrow, except for the techie whose brain has just shut down with a long list of logic errors.

What exactly is the difference between a public lockers providing company and what mega is doing?

The difference is that the law deals with humans and motivations, something you ignore entirely. If I were to set up that locker company, the case would probably be shut down. But if a formerly convicted criminal who is currently on trial for drug deals did it, and if he had made a public statement basically saying "only our company uses opaque steel doors instead of the glass doors other companies use, so even we won't know if you store, say, drugs, in them, hint hint" he would very likely be convicted if there is even the slightest bit of evidence.

And that can easily be done without making lockers illegal. It's how the law works. I've been in enough court rooms to understand that a judge will judge the particular case in front of him. Only the high courts consider the broad implications of their judgements, for good reasons. And you would be surprised how capable these people are. Kim and many techies is guilty of arrogance. You, too, seem to think that only geeks have brains. Most of the judges I've met were very smart people who can easily blow a big hole into your whole circumvention scheme.

Never forget that these people meet someone new who had a brilliant idea to get away with his crime every week. It's like your lawyer friend coming to you and saying something like "I've had this brilliant idea yesterday. Your web application you've been complaining about, it would run so much faster if you only ... (insert old idea you've heard 1000 times before here)".

Piracy accusations vs common carrier defense

[Morgaine]

Sounds more like an acknowledgment that, 'Yes, we KNEW we were hosting pirated binaries before, but now we're much more clever at it".

They know full well that this is just a fight between vested interests, with no a priori right or wrong (if you see an inherent right or wrong it's because you've already picked a side).

What we're witnessing here is the next skirmish in the copyright wars: "You play the piracy card, we play the common carrier card".

Mega vs. Dropbox

[tepples]

So if it's online file storage with no search, then what makes it any different from, say, Dropbox or SkyDrive or Google Drive, other than that Mega offers a lot more, well, megabytes? (50,000 for Mega vs. 2,000-odd for Dropbox, assuming a reasonable number of rewards earned)

Re:

[mister_playboy]

The old MU didn't have any search functionality. None of the filehosts do. That's the reason 3rd part search sites which scraped the 'Net for filehost links appeared. RapidSearch, dealing with RS links, was the first I recall seeing.

Re:

[Hadlock]

Once everything is up and running, this is going to beat the hell out of dropbox for actual file usage. Now I can just mirror my mom's entire home directory across her desktop and two laptops, rather than just 2gb of storage for her my documents folder.

Re:

[Lisandro]

You can include the key with the download URL, afaik.

Re:Swiss Bank Accounts

[Anonymous Coward]

Yeah, but I think the point is that third party indexer type sites will start popping up, allowing people who are members of such sites to traffic in digital information. As long as where it is hosted isn't liable for anything, there will be no real, long-term and effective way of preventing people from sharing information with a computer & the internet.

This is just the beginning of the evolution of information transfer (don't want to call it "piracy" - that word has been co-opted to mean something it does not - let's call a spade a spade here and use the term information transfer).

Re:

[DriveDog]

That's it. Somebody gets it.

Re:

[elucido]

Yeah, but I think the point is that third party indexer type sites will start popping up, allowing people who are members of such sites to traffic in digital information. As long as where it is hosted isn't liable for anything, there will be no real, long-term and effective way of preventing people from sharing information with a computer & the internet.

This is just the beginning of the evolution of information transfer (don't want to call it "piracy" - that word has been co-opted to mean something it does not - let's call a spade a spade here and use the term information transfer).

The poser was trying to compare information to currency as if it's money. It's not money. It's not the information, it's the content. Content has to be generated continuously.

Re:Uses for Mega

[DanielRavenNest]

I have plenty of use for a service like this, for:

* Offsite backup of my content creation and personal files. I have a backup external drive at home, but it's nice to have another copy offsite.
* Distributing technical data, which is all open-sourced. My home PC is bandwidth limited and not turned on all the time.

Note that with his distributed hosting, he can get along with a small number of users. It would just mean using fewer hosting providers to match the demand.

Re:

[drolli]

backups: you heard about amazon glacier, did you?
hosting: you heard about dropbox,amazon s3 or any other provider you like?

Neither a good example

[SuperKendall]

glacier, dropbox, s3

None of those encrypt your data by default.

MegaUpload does so automatically.

Sure you can encrypt yourself and store to S3 but it's just simpler to use a pre-packaged solution, and it seems to make sharing only fragments of things easier (for instance how would you upload a whole tree of data to S3 but share only one subdirectory while leaving the other directories unable to be accessed, without requiring complex authentication?).

Re:

[Lucky_Norseman]

The Swiss Bank Account model is also what allowed jews in Germany to keep some of their family fortune out of the claws of the Reich.
Is that so evil?

Re:

[interkin3tic]

OP was only commenting on the legality of what he was doing. He wasn't saying it was immoral.

Just because we agree with the laws that swiss banks are enabling people to break and disagree with the laws that mega is enabling people to break doesn't mean there aren't parallels.

Re:Swiss Bank Accounts

[AmiMoJo]

So, basically, he's taken the "Swiss Bank Account" model

No, he has just make a cyberlocker the way it should have been from the start - a private storage facility for controlled groups of people. The uploaders are not anonymous, that they have to be registered with the site, and the T&Cs make it clear MEGA will hand over any registration data if compelled to by law.

The search functionality is broken with the new model

It was useless anyway because people didn't upload public files with names that gave away the copyright infringing contents, instead they linked to the obfuscated names on forums.

This means most users will ignore megaupload and they will suffer from a lack of users.

Except all those people who like services such as Google Drive, Skydrive, Dropbox etc. but want more privacy. Oh, and all the pirates who used to use MegaUpload because it was less crappy than most of the other cyberlocker services.

enabling the piracy that makes his site popular, but trying to evade legal liability

Or maybe it's just that the MAFFIA controls the FBI now and the US has become the World Police, capable of sending agents of foreign countries to do the bidding of its corporations. Why else would he even bother to mention the DMCA when MEGA is deliberately staying well away from any US territory and laws? He should have no reason to respond to any DMCA request because it isn't law in New Zealand or anywhere MEGA operates or has servers, but he is forced to because the US thinks its laws are universal.

Re:

[gmuslera]

The Swiss Bank Account model also prevented tyrants, dictators and (in government/power positions) thieves to stole, take advantage, extort, etc you for having that money.

With information in the open by all accounts for governments (at least, the US one, and its agencies, and the people that "finance" both), and the problems lacking a secure alternative, the potential for abuse is high. As it make it difficult to be used for piracy, you should see what else is interesting to put elsewhere in an very secur

Are you the copyright police?

[elucido]

It sounds like you're reading from a script buddy. How much stock do you own in Disney?

Re:

[BlueStrat]

Willlful ignorance is a crime...

The internet police will be knocking on his door soon enough.

Not to mention taking deliberate steps to avoid prosecution by hosting exclusively outside the US, in addition to obstructing justice by having mirrored servers in different countries, making it nearly impossible for the US DoJ/ICE to take down.

He's a "digital terrorist"!

Cue the drone strikes and SEAL raids.

Strat

Re:Willlful ignorance is a crime

[flayzernax]

And this may be one of the first cases for the Great Firewall of the USA to go up.

Re:

[gmuslera]

Too bad that for US, the great firewall is like the one in this joke [rahul.net]. Most of internet is in, or you access it thru US, and even for things that are outside have enough power in a way or another to show down them remotely, how they did i.e. with megaupload or a lot of torrent sites overseas.

Re:

[icebike]

How does having backup servers in multiple jurisdictions make him a terrorist?
How is one of the most recommended best practice in IT suddenly obstructing justice?

Re:Willlful ignorance is a crime

[MichaelSmith]

Willlful ignorance is a crime...

The internet police will be knocking on his door soon enough.

Not to mention taking deliberate steps to avoid prosecution by hosting exclusively outside the US

So what does that make me? I have no connection to the US and I took deliberate steps to host all my stuff at my place.

Re:

[Anonymous Coward]

Try to access with https://

Re:

[MouseTheLuckyDog]

Oh the embarassment.

Re:

[OdinOdin_]

dedupe doesn't need to understand what the data is only that the data is identical. so now the 2 copies of data they make are now shared by 2 or more accounts (for that block allocation unit at least). The likelihood of duplication occurring however is small, as any cryptographic file storage system when reformatted by the same user to store inside exactly the same data will have completely different encrypted data. This is due to the session key and block perturbation scheme.

I can only think that this i

Re:

[SuricouRaven]

Making a wild guess, they might be keeping the hash of the unencrypted file. That way if someone else tries to upload the same file they can still detect it, and just supply a link to the already-encrypted file.

Re:

[Anonymous Coward]

But they don't have the encryption key. Not having the encryption key is a crucial part of their plausible deniability defence against hosting copyright infringing files. And if they don't have the encryption key they can't point someone at another copy of the same encrypted file since the user won't have the encryption key to decrypt it.

Re:

[RedHackTea]

Works fine for me on Opera.

Re:

[TheP4st]

Anything but fast for me, my 138 KB test file have been uploading at a whopping 0 B/s for the last 12m30s. Originally I started out with a 700MB file and had the same experience and thought that it might have been due to the size but apparently that was not the case.

Re:

[icebike]

"Legal Piracy: Take advantage of legal system loopholes!" seems to be the marketing strategy.

Well... I love it! :D

Don't be daft.

The piracy is your problem.
Mega only holds your encrypted files which even they can't look at.

If you rob a gas station, escape in your get away car, launder the funds through a few transactions and deposit the funds in your Bank, is the bank at fault?
Is Ford at fault for selling you the car?

Re:

[skaag]

And how exactly is Kim related to the stealing of movies? After all, files can be saved anywhere. He is not the only person offering a file sharing service.

Ultimately, the thieves are people who rip movies and distribute them to others for free or worse, for a fee! I don't remember Kim dotcom ever being accused of ripping and distributing movies for a fee?

There are double standards here: Just like the Gun industry is not held responsible for lunatics killing innocent people with guns, file sharing providers