Questions raised over the security of Mega’s encryption
By Andy Malt | Published on Wednesday 23 January 2013
Kim Dotcom’s new online storage service Mega launched with much fanfare (mainly from Dotcom’s Twitter feed) last weekend, but now that the dust is starting to settle, some are taking a closer look at its offering and how much it lives up to its bold claims of ensuring uber-privacy for users while being ‘takedown proof’.
As previously reported, Dotcom and his team claim that by encrypting all of its users’ files upon upload, and because only the uploader will have the digital key to unlock any one bit of encrypted content, the site’s owners cannot be held liable for content on its servers, even if much of it is unlicensed music and movie files, because the operators will have no way of knowing what data is on their platform.
This is a key difference to Dotcom’s original file-storage service MegaUpload. And the American authorities which took that service offline a year ago accuse Dotcom et al of very much knowing how much unlicensed content was being shared over their platform, but deliberately turning a blind eye because that content generated the traffic that in turn generated advertising and subscription revenues.
Though to be fair, the encryption service isn’t just about circumventing liability for copyright infringement. With online privacy an increasingly big issue, the automatic encrypting of files is a USP for Mega, which is operating in an ever competitive cloud storage market. Mega customers, Dotcom would argue, can sleep at night knowing that their cloud-stored files can’t be accessed by anyone else. Assuming, that is, that the encryption works.
Ars Technica’s Lee Hutchinson has been analysing the new Mega service and hasn’t come out with a particularly positive review. The encryption used, he says, isn’t actually as secure as has been made out, meaning that “it is easier (not easy, but easier) to reverse-engineer a Mega user’s private RSA [unlock] key than it should be. That means it’s easier to spoof the identity of a Mega user when sending messages or files”.
More troublingly, he notes one of the clauses in the site’s terms of service reads: “Our service may automatically delete a piece of data you upload or give someone else access to where it determines that that data is an exact duplicate of original data already on our service. In that case, you will access that original data”.
Which is a logical move to make the Mega platform more efficient. But if the whole point of the all new Mega is that the site’s owners are unable to tell what is on its servers, how is it possible that it knows what is or isn’t a duplicate?
Or, as Hutchinson puts it: “On one hand, the reason behind implementing a block-based data deduplication scheme is obvious: storage is cheap, but it’s not that cheap, and the distributed infrastructure providers supplying storage to Mega don’t have to waste space storing non-unique data – instead of 10,000 copies of ‘The Hobbit’, the service would only store a single copy, freeing up terabytes of space. On the other hand, even if the service doesn’t know those blocks of data happen to be ‘The Hobbit’, the service does know which users own those deduplicated blocks, and if one user is implicated, there’s proof against all the others too”.
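The ownership point in that quote can be shown with a small block store. This is an added example, not code from the article or from Mega: the `DedupStore` class, the user names and the byte strings are constructed, and it assumes duplicates are detected by hashing the opaque bytes the server receives, which the article does not confirm.

```python
import hashlib
from collections import defaultdict

BLOCK_SIZE = 16  # tiny block size so the constructed samples split into several blocks


class DedupStore:
    """Hypothetical block store that deduplicates opaque uploads by SHA-256 digest."""

    def __init__(self):
        self.blocks = {}                  # digest -> stored bytes (one copy only)
        self.owners = defaultdict(set)    # digest -> users referencing that block
        self.files = defaultdict(list)    # (user, name) -> ordered block digests

    def upload(self, user, name, data):
        """Store data block by block; return how many blocks were new to the store."""
        new_blocks = 0
        for i in range(0, len(data), BLOCK_SIZE):
            block = data[i:i + BLOCK_SIZE]
            digest = hashlib.sha256(block).hexdigest()
            if digest not in self.blocks:
                self.blocks[digest] = block
                new_blocks += 1
            self.owners[digest].add(user)
            self.files[(user, name)].append(digest)
        return new_blocks

    def co_owners(self, user, name):
        """Users who reference every block of the given file, found without reading content."""
        digests = self.files[(user, name)]
        if not digests:
            return set()
        shared = set.intersection(*(self.owners[d] for d in digests))
        return shared - {user}


# Constructed sample uploads: opaque byte strings standing in for what the server receives.
SAME_BYTES = bytes(range(48))             # three blocks, identical for alice and bob
OTHER_BYTES = bytes(range(100, 148))      # three different blocks for carol

store = DedupStore()
first = store.upload("alice", "a.bin", SAME_BYTES)
second = store.upload("bob", "b.bin", SAME_BYTES)
third = store.upload("carol", "c.bin", OTHER_BYTES)
linked = store.co_owners("alice", "a.bin")
print(first, second, third, sorted(linked))
```

The store never interprets the bytes, yet the second upload adds no new blocks and the owner index ties the two accounts together.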
With other online commentators raising similar concerns about just how secure Mega’s much hyped encryption functionality really is, Dotcom and his colleagues have been fighting back through various channels, denying some of the allegations. Though Dotcom himself did tweet this morning: “We welcome the ongoing Mega security debate and will offer a cash prize encryption challenge soon. Let’s see what you got”.
While experts picked holes in Mega’s privacy claims, more casual users of the service were complaining that the new platform was running very slowly. That, Dotcom said, was simply down to the massive number of sign-ups that had occurred since going live at the weekend. The Mega chief admitted that the site’s capacity had not been properly tested before launch, assuring users: “We are working 24/7 and expect normal operations within 48 hours. Lesson learned… no fancy launch event for [Dotcom’s other in development service] Megabox”.
It certainly seems that there has been a lot of interest online in Dotcom’s new service, and even with the possible privacy weaknesses, in terms of price point Mega is very competitive. Some, though, might still be hesitant about moving all their files into a Mega cloud locker given Dotcom’s fiery relationship with the content industries and the American authorities. However valid the Mega chief’s legal arguments may be, and despite assurances that the new Mega could not be taken down in the way MegaUpload was because data storage is spread around the world, some will remember those former MegaUpload customers still battling to access their files a year after that original storage business was taken offline.