Mega

[Vis]

http://gizmodo.com/5977329

Mega, Kim Dotcom's big, flashy new copyright-dismantling file-sharing/storage site with encryption up the wazoo has finally launched. You can head on over and sign up right now. That is, so long as the site can hold under the crazy traffic. So far, it looks like it's getting crushed. But different people are experiencing different things.

• Kim Dotcom@KimDotcom
  As of this minute one year ago #Megaupload was destroyed by the US Government. Welcome to Mega.co.nz
  19 Jan 13 ReplyRetweetFavorite
  
  Kim Dotcom@KimDotcom
  Wow. I have never seen anything like this. From 0 to 10 Gigabit bandwidth utilization within 10 minutes.
  19 Jan 13 ReplyRetweetFavorite

We gave you an inside look at the service yesterday, but now you can get in there and start poking around yourself. Is this the new future of cloud storage? Or maybe the new future of private, encrypted piracy clubs? We're now officially on our way to finding out. What's your money on?

And this is only the beginning.

http://gizmodo.com/5977163/hands-on-wit ... ht-forever

So what's to stop Mega from going down just the way Megaupload did? Mega's privacy, which is a no-foolin' stroke of genius. See, all of your files are encrypted locally before they're uploaded, so Mega has no idea what anything is. It could be family photos or work documents, or an entire discography of your favorite band. Poof: online and easy to share. And importantly, Mega doesn't have the decryption key necessary to get in. See? It's a masterstroke of copyright subversion.

To explain further, Mega's terms say that nobody can access your stuff without your personal decryption key. And they don't have it. Only you do. The company does, however, stipulate in the privacy policy that they might cooperate with law enforcement. But big deal; what are they going to turn over? When Twitter and Facebook cooperate with the authorities, they have access to your data. All Mega has is an encrypted file, and that's its ultimate protection.

So why is this a copyright killer? Well, actually, it's way way more than a copyright killer; it enables the most private data exchanges of any online service available to the public. Prying eyes will have a hard time getting to them.

comment over werking: http://gizmodo.com/5977163/hands-on-wit ... t=56381524

When you sign up for Mega, you create a private key, and that private key only exists on your own machine, or keyfob, or somewhere secure. That private key is then used to generate an asymmetric public key, which is uploaded and stored on Mega. The public key is used to encrypt anything from anyone, but the resulting encrypted files can only then be decrypted by your private key.

Each file you upload is encrypted with its own symmetric key, which can be used to encrypt or decrypt it. Each symmetric key is then encrypted with your public asymmetric key, and uploaded with the file. In order to use that file again, you use your private key to decrypt the symmetric key, and then use the symmetric key to decrypt the file.

When you want to give some other user access to a file you have uploaded, you download that symmetric key, and again use your private key to decrypt it. You then use the public key on file for that user to encrypt the symmetric key, and upload the new encrypted key back to Mega. Now, only that user can decrypt that copy of the symmetric key using their private key, and using the decrypted key, they can now access the shared file.

[The Silencer]

;

Kun je even de samenvatting geven?

[Vis]

De nieuwe Megaupload.

[The Silencer]

De nieuwe Megaupload.

Dus het nieuwe hobbyproject van Kuikentje? Dank voor toelichting, ga het vanavond toch maar even uitgebreid lezen

[Raynor's Revenge]

Geweldig privacysysteem. Gebruik zoals uitgelegd in delaatste alinea's klinkt erg onhandig en technisch, maar als het een beetje gebruiksvriendelijk is opgezet zou het in de praktijk best soepel moeten werken denk ik zo

[Vis]

De nieuwe Megaupload.

Dus het nieuwe hobbyproject van Kuikentje? Dank voor toelichting, ga het vanavond toch maar even uitgebreid lezen

Het idee is dat alles dit keer direct bij/voor het uploaden geëncrypt wordt, en niemand enige idee heeft wat er op de site staat. Dus Kuikentje (en FBI, en alle andere instanties die veel serieuzer zijn) kunnen niets.

Hij had eerst, voor de launch, het domein me.ga, alleen Gabon wilde niets met die site te maken hebben

[The Silencer]

De nieuwe Megaupload.

Dus het nieuwe hobbyproject van Kuikentje? Dank voor toelichting, ga het vanavond toch maar even uitgebreid lezen

Het idee is dat alles dit keer direct bij/voor het uploaden geëncrypt wordt, en niemand enige idee heeft wat er op de site staat. Dus Kuikentje (en FBI, en alle andere instanties die veel serieuzerwel serieus zijn) kunnen niets.

Hij had eerst, voor de launch, het domein me.ga, alleen Gabon wilde niets met die site te maken hebben

Fix Je zin suggereerde dat kuikentje überhaupt serieus te nemen is

Maar Kuikentje gaat nu wel hoog van de toren blazen hoe zoiets verboden moet worden. Hij gaat weer roepen hoe zeer de "arme artiest" hier weer onder moet lijden. Hoewel ik het betwijfel dat er ook maar ooit een enkele artiest pecunia van Kuikentje heeft gezien welke hij heeft opgehaald via boetes en procedures

En Gabon heeft niks te willen.

[Ace of Spades]

When you want to give some other user access to a file you have uploaded, you download that symmetric key, and again use your private key to decrypt it. You then use the public key on file for that user to encrypt the symmetric key, and upload the new encrypted key back to Mega. Now, only that user can decrypt that copy of the symmetric key using their private key, and using the decrypted key, they can now access the shared file.

lolwut

Kan iemand hier ff een diagrammetje van tekenen?

[Vis]

When you sign up for Mega, you create a private key, and that private key only exists on your own machine, or keyfob, or somewhere secure. That private key is then used to generate an asymmetric public key, which is uploaded and stored on Mega. The public key is used to encrypt anything from anyone, but the resulting encrypted files can only then be decrypted by your private key.

Je hebt zelf twee keys:

Local: private key
Mega: asymmetric public key

Een nieuwe file wordt ge-encrypt met de public key en staat dan op Mega zonder dat iemand weet wat het is. Alles wat met je public key wordt ge-encrypt kan enkel worden ge-decrypt met je lokale private key.

Each file you upload is encrypted with its own symmetric key, which can be used to encrypt or decrypt it. Each symmetric key is then encrypted with your public asymmetric key, and uploaded with the file. In order to use that file again, you use your private key to decrypt the symmetric key, and then use the symmetric key to decrypt the file.

Als ik het goed begrijp gebeuren er 2 dingen bij het encrypten van een file:

1. De file heeft zelf een key; daarmee wordt eerst de file ge-encrypt.
2. Vervolgens wordt de file key ge-encrypt met jouw public key.

Dus je encrypt de file niet direct, maar je encrypt de key waarmee de file is ge-encrypt.

De file kun je nu niet meer de-crypten, want die key is zelf ge-encrypt met jouw public key. Dus eerst de-crypt je de file key met je private key, en daarna is de file zelf weer te de-crypten met de inmiddels ge-decrypte file key.

When you want to give some other user access to a file you have uploaded, you download that symmetric key, and again use your private key to decrypt it. You then use the public key on file for that user to encrypt the symmetric key, and upload the new encrypted key back to Mega. Now, only that user can decrypt that copy of the symmetric key using their private key, and using the decrypted key, they can now access the shared file.

In dit geval heb je een file online staan. Die file is eerst ge-encrypt met de file key. Daarna is die file key weer ge-encrypt met jouw public key.

Omdat alleen jijzelf de file key weer kan de-crypten met je private key kan niemand anders hier iets mee. Niemand heeft immers jouw private key. Om de file te sharen met iemand anders moet diegene zijn private key kunnen gebruiken, en dat kan enkel als zijn public key is gebruikt voor het encrypten.

Dus wat je doet met een encrypted file die je wil sharen met iemand anders:

1. Je de-crypt de file key met je private key (want die was ge-encrypt met jouw public key)

Nu is de file nog steeds ge-encrypt, maar de file key waarmee je de file kan de-crypten is zelf ge-decrypt en klaar voor gebruik.

2. Schijnbaar kun je van anderen hun public key krijgen. Dus stel je hebt user Ace met public key 123. Dan gebruik je jouw public key 123 om de file key opnieuw te encrypten.

Nu kan de file niet meer ge-decrypt worden, want de file key is zelf nog ge-encrypt. Ik kan de file key zelf niet meer de-crypten, want mijn private key werkt niet op een file die met jouw public key is ge-encrypt.

3. Jij kan nu de file key de-crypten met jouw private key. Daarna kun je de file zelf de-crypten met de inmiddels decrypted file key.

[Vis]

Zucht, ook Ars is al aan de linkbait: Megabad: A quick look at the state of Mega’s encryption.

Deze was wel leuk:

(...) If the MPAA gets wind that Bob is hosting a copy of The Hobbit: An Unexpectedly Long Movie in his Mega folder, and Alice also happens to have the same file in her Mega folder, it's trivial to prove that Alice has the same file—in fact, the nature of deduplication means there's some record of every deduplicated block, and therefore every other infringing user. (...)

Belangrijkste uit 't artikel is dat 1. de keys niet echt goed random zijn, en daarom sneller te raden zijn (wat nog niet veel zegt, want wat is snel...), en 2. dit in Mega's ToS schijnt te staan:

8. Our service may automatically delete a piece of data you upload or give someone else access to where it determines that that data is an exact duplicate of original data already on our service. In that case, you will access that original data.

Dus ook al zou alles ge-encrypt moeten zijn, schijnbaar kunnen ze toch duplicates herkennen. Hoe precies is niet duidelijk, maar een mogelijk serieus gevolg is dit:

Apparently, they use unsalted symmetric key encryption which allows them to discover [hash(file), password] duplicates. By comparison, the old Megaupload would apparently deduplicate based on [hash(file)] matches.

Suppose Alice and Bob have files [D, E, F] and [F, G, H], respectively. If MEGA discovers that Alice and Bob share a duplicate file F and Alice to reveals her password (through password frequency analysis or to the Government), then all of Bob's files are compromised.

[The Silencer]

Hmm, dus toch niet de heilige graal die we dachten te hebben.

[Vis]

Indeed.

But it also drew a jab from Torrent Freak for its surprisingly illiberal, law enforcement-friendly privacy policy, and the amount of data it collects about users (read: Mega Launches: Brilliantly Secure, But Not Anonymous).

The policy includes these sections:

We keep the following personal information:
- When a user signs up for particular services on our website they may need to give us the details required in our registration form and keep that information up to date;
- Communication logs, traffic data, site usage and other information related to us supplying the services (including for serving of advertising material on our site);
- Any personal information included in data uploaded to our system including but not limited to registration information.

We keep records of IP addresses used to access our services.

While this may not be a huge issue for the mainstream, privacy buffs usually prefer more anonymity. Currently dissidents and whistleblowers are not shielded from being exposed by Mega, if the authorities come knocking.

Mega won’t hand personal information out to random strangers of course, but they will cooperate with law enforcement and comply with subpoenas as they should. In their privacy policy they state the following:

If we think it is necessary or we have to by law in any jurisdiction then we are entitled to give your information to the authorities.

We reserve the right to assist any law enforcement agency with investigations, including and limited to by way of disclosure of information to them or their agents. We also reserve the right to comply with any legal processes, including but not limited to subpoenas, search warrents [sic] and court orders.

And also this:

We can use any information we have about you as a customer relating to your creditworthiness and give that information to any other person for credit assessment and debt collection purposes.

Dat, plus dus misschien de mogelijkheid dat als ze data van de een hebben dit van de ander kunnen identificeren, lijkt het nogal gevaarlijk om dat eens flink te gaan gebruiken voor illegale shizzle. Het is ook geen random en onbekende site. Megaupload werd al neergehaald, en dit is een dikke FU richting de FBI en andere instanties. Dus de kans dat ze dit heel goed in de gaten gaan houden is erg groot.