Kim Dotcom's new filesharing service Mega: more than a million members by 1 day post-launch

Kim Dotcom's new "Mega" site "appears to be legal and is akin to a Dropbox or Google Drive on encryption steroids," writes David Kravets of Wired News. The site reached more than a million members in just one day after its initial Saturday launch from New Zealand. "The number of subscribers has apparently skyrocketed in the following days."


  1. Important Thing to Keep in Mind: the “security” offered by the encryption is there to protect Mega, not you.

  2. MEGA is a killer app for 2 reasons:
    -no login required
    -no app required

    It does for file what imgur does for images, that is: no login, drag and drop file sharing with anyone.

    I don’t expect security from MEGA any more than I would posting naked pictures of myself on imgur.

    Basic Rule: If you want to keep files private, don’t use the cloud*

    * cloud definition= ‘part of the internet outside your knowledge/control’.

  3. Ars is not impressed by the encryption.

    The encryption is symmetric (same key to decrypt as to encrypt) and the key is stored on Mega’s server, not your local machine, encrypted using your password. Further, there appears to be no password recovery mechanism so if you lose your password you lose everything.

    Mega also seems to be claiming to do deduplication but that is probably impossible if the encryption is truly secure since that would imply that all blocks are unique, even if they store two copies of the exact same file, so what would there be to deduplicate?

    “rather than throw up its hands and say that it has no idea what Mega users Alice or Bob have in their Mega accounts, there apparently is a way of telling whether or not Bob and Alice have the same file or files. If the MPAA gets wind that Bob is hosting a copy of The Hobbit: An Unexpectedly Long Movie in his Mega folder, and Alice also happens to have the same file in her Mega folder, it’s trivial to prove that Alice has the same file—in fact, the nature of deduplication means there’s some record of every deduplicated block, and therefore every other infringing user.”

  4. Yknow, the last time millions of people trusted Dotcom with their data, his servers got impounded, and they will probably never get their files back.  I’m not sure I would hand anything critical to cloud storage.

    1. To be fair, this is why we keep backups. If you chuck all your stuff onto the cloud sans backup, it’s time to sit down and have a birds & bees talk about security.

    2. Yay, but then: I *can* use this to do just another backup of some data I’ve got. Just another one. 

Comments are closed.