Kim Dotcom's 'Mega' Storage Site Arrives

An anonymous reader writes "After months of hype riding the coattails of the MegaUpload controversy, Kim Dotcom's new cloud storage site, Mega, is finally going live. After being available to early adopters briefly, it's now open to the public with 50GB of free storage and end-to-end encryption. Several outlets have posted early hands-on reports for the service, including Ars Technica and The Next Web. In an interview, Dotcom spoke about how Mega's encryption scheme benefits both the users and the company: 'The Mega business plan will be a distributed model, with hundreds of companies large and small, around the world, hosting files. A hosting company can be huge or it can own just two or three servers Dotcom says—just as long as it's located outside the U.S. "Each file will be kept with at least two different hosters, [in] at least two different locations," said Dotcom. "That's a great added benefit for us because you can work with the smallest, most unreliable [hosting] companies. It doesn't matter because they can't do anything with that data." More than 1000 hosts answered a request for expressions of interest on the Mega home page. Dotcom says several hundred will be active partners within months.' On top of that, the way it's designed will protect Mega from legal problems: 'It's all about the plausible deniability. Mega doesn't know what you're uploading. ... Mega isn't so much securing your files for you as it is securing itself from your files. If Mega just takes down all the DMCAed links, it will have a 100 percent copyrighted material takedown record as far as its own knowledge is concerned. It literally can't know about cases that aren't actively pointed out to it, complete with file decryption keys.'"

Re:hmm

[K. S. Kyosuke]

OR, perhaps it's like a storage solution where you don't have to trust the storage company. If you store sensitive papers in a safety deposit box in a bank, you still have to trust the bank that nobody else will peek inside. With this, your privacy will be guaranteed by laws of nature.

Re:Honeypot

[gandhi_2]

It keeps the powers that be busy.

Re:Honeypot

[sco08y]

This will obviously be watched very closely by some fellows with a lot of power.

Yes it's obvious that unknown persons with an unquantified amount of indeterminate influence will be watching a public website with an unspecified degree of closeness through some unmentioned mechanism.

Re:...and this will make money how?

[Anonymous Coward]

1. Setup a big, encrypted cloud storage. Make a loud rumble so everyone looks at it.
2. Charge for a) "Pro accounts" with more bandwidth and storage and b) advertising.
3. Profit.

The business plan is really no miracle or something.

Re:Clever

[sco08y]

Sounds more like an acknowledgment that, 'Yes, we KNEW we were hosting pirated binaries before, but now we're much more clever at it".

It's more, "it's not our job to police our members and we've made it computationally impossible for us to do so."

Re:Honeypot

[modmans2ndcoming]

and all they will see is a bunch of encrypted files.

Re:...and this will make money how?

[kthreadd]

I don't think they store the data on DVDs.

Re:Swiss Bank Accounts

[Anonymous Coward]

Yeah, but I think the point is that third party indexer type sites will start popping up, allowing people who are members of such sites to traffic in digital information. As long as where it is hosted isn't liable for anything, there will be no real, long-term and effective way of preventing people from sharing information with a computer & the internet.

This is just the beginning of the evolution of information transfer (don't want to call it "piracy" - that word has been co-opted to mean something it does not - let's call a spade a spade here and use the term information transfer).

Re:Uses for Mega

[DanielRavenNest]

I have plenty of use for a service like this, for:

* Offsite backup of my content creation and personal files. I have a backup external drive at home, but it's nice to have another copy offsite.
* Distributing technical data, which is all open-sourced. My home PC is bandwidth limited and not turned on all the time.

Note that with his distributed hosting, he can get along with a small number of users. It would just mean using fewer hosting providers to match the demand.

Is there a standalone app?

[grahamsaa]

I really have no interest in just uploading or downloading files through my browser. When this was announced I heard that they were going to support mounting / folder syncing, but I'm not seeing anything like that yet. Am I missing something?

Re:DDoSed

[Anonymous Coward]

Try to access with https://

Re:Willlful ignorance is a crime

[flayzernax]

And this may be one of the first cases for the Great Firewall of the USA to go up.

Re:Honeypot

[SuricouRaven]

The site can't be monitored directly. That's the whole point. I'm sure they will be watching, but not directly. Were I in their place, I'd be looking for sites that link to files uploaded to Mega. A few careful google queries, a custom crawler, even entering into a few sneaky agreements with ISPs to do DPI and see where people are going. The idea not being to catch all the pirates, but to catch all the highly-visible pirates and the communities they form around. So only private, invite-only forums can survive.

Re:Swiss Bank Accounts

[Lucky_Norseman]

The Swiss Bank Account model is also what allowed jews in Germany to keep some of their family fortune out of the claws of the Reich.
Is that so evil?

Re:back to "how secure can it be if it's deduped"

[Anonymous Coward]

But they don't have the encryption key. Not having the encryption key is a crucial part of their plausible deniability defence against hosting copyright infringing files. And if they don't have the encryption key they can't point someone at another copy of the same encrypted file since the user won't have the encryption key to decrypt it.

Re:Honeypot

[Anonymous Coward]

> It keeps the powers that be busy.

it allows them to request bigger budgets.

Re:Honeypot

[Tumbleweed]

This looks like a great place to store a large number of heavily encrypted psuedo-random garbage files.

Piracy accusations vs common carrier defense

[Morgaine]

Sounds more like an acknowledgment that, 'Yes, we KNEW we were hosting pirated binaries before, but now we're much more clever at it".

They know full well that this is just a fight between vested interests, with no a priori right or wrong (if you see an inherent right or wrong it's because you've already picked a side).

What we're witnessing here is the next skirmish in the copyright wars: "You play the piracy card, we play the common carrier card".

Re:50 GB?

[Anonymous Coward]

Oh, so where do you store your TB of encrypted files on the internet for free?

Re:Swiss Bank Accounts

[AmiMoJo]

So, basically, he's taken the "Swiss Bank Account" model

No, he has just make a cyberlocker the way it should have been from the start - a private storage facility for controlled groups of people. The uploaders are not anonymous, that they have to be registered with the site, and the T&Cs make it clear MEGA will hand over any registration data if compelled to by law.

The search functionality is broken with the new model

It was useless anyway because people didn't upload public files with names that gave away the copyright infringing contents, instead they linked to the obfuscated names on forums.

This means most users will ignore megaupload and they will suffer from a lack of users.

Except all those people who like services such as Google Drive, Skydrive, Dropbox etc. but want more privacy. Oh, and all the pirates who used to use MegaUpload because it was less crappy than most of the other cyberlocker services.

enabling the piracy that makes his site popular, but trying to evade legal liability

Or maybe it's just that the MAFFIA controls the FBI now and the US has become the World Police, capable of sending agents of foreign countries to do the bidding of its corporations. Why else would he even bother to mention the DMCA when MEGA is deliberately staying well away from any US territory and laws? He should have no reason to respond to any DMCA request because it isn't law in New Zealand or anywhere MEGA operates or has servers, but he is forced to because the US thinks its laws are universal.

Re:Clever

[Tom]

Problem here is that you will have to outright ban encryption to solve this problem.

You're thinking techie again, not legalese.

The law is quite familiar with seemingly shizophrenic approaches. For example, they have an odd thing that is neither OR nor AND nor XOR - a lawyer can claim that his client wasn't even near the crime scene at that time, but if he was he didn't do it, and if he did then he was intoxicated and not in his right mind. He can claim all of these three as true at the same time, and nobody in the courtroom will even raise an eyebrow, except for the techie whose brain has just shut down with a long list of logic errors.

What exactly is the difference between a public lockers providing company and what mega is doing?

The difference is that the law deals with humans and motivations, something you ignore entirely. If I were to set up that locker company, the case would probably be shut down. But if a formerly convicted criminal who is currently on trial for drug deals did it, and if he had made a public statement basically saying "only our company uses opaque steel doors instead of the glass doors other companies use, so even we won't know if you store, say, drugs, in them, hint hint" he would very likely be convicted if there is even the slightest bit of evidence.

And that can easily be done without making lockers illegal. It's how the law works. I've been in enough court rooms to understand that a judge will judge the particular case in front of him. Only the high courts consider the broad implications of their judgements, for good reasons. And you would be surprised how capable these people are. Kim and many techies is guilty of arrogance. You, too, seem to think that only geeks have brains. Most of the judges I've met were very smart people who can easily blow a big hole into your whole circumvention scheme.

Never forget that these people meet someone new who had a brilliant idea to get away with his crime every week. It's like your lawyer friend coming to you and saying something like "I've had this brilliant idea yesterday. Your web application you've been complaining about, it would run so much faster if you only ... (insert old idea you've heard 1000 times before here)".

Re:Honeypot

[jamstar7]

Meh, I don't think the RIAA/MPAA are interested in any more warrants or lawsuits; on average, they lose a lot of money on them. The Verizon deal is great to them because it cuts all those "due process" requirements and it's therefore much cheaper per user.

Why should they care? It's not their money. The whole point of the *AAs getting copyright infringement redefined as a criminal act rather than a civil act was so the taxpayer foots the bill for prosecution, not the *AA. Once the complaint is signed in a criminal case, it's up to the government to investigate, serve warrants, make arrests, haul defendants in front of a judge, etc. In civil cases, it's up to the plaindiff to do all that gruntwork, without the benefit of arrest powers and police backup.