Brontoforumus Archive

Please login or register.

Login with username, password and session length
Advanced search  

News:


This board has been fossilized.
You are reading an archive of Brontoforumus, a.k.a. The Worst Forums Ever, from 2008 to early 2014.  Registration and posting (for most members) has been disabled here to discourage spambots from taking over.  Old members can still log in to view boards, PMs, etc.

The new message board is at http://brontoforum.us.

Pages: 1 2 3 4 [5]

Author Topic: MegaUpload  (Read 5699 times)

0 Members and 1 Guest are viewing this topic.

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: MegaUpload
« Reply #80 on: September 27, 2012, 07:56:03 AM »

So uh don't know if you guys have been following this but pretty much everything the New Zealand authorities did in the Dotcom arrest was grossly illegal.

Including the NZ equivalent of the CIA spying on him even though he's a permanent resident and they're not supposed to spy on permanent residents.

Now he's gotten a personal apology for the PM.

This whole thing's a giant clusterfuck, and it's stunning just how badly they've screwed the pooch when it should have been pretty fucking easy to use actual legal means to prove MegaUpload was violating the law because uh no shit.

This is what happens when you put record company execs in charge of international criminal investigations.
Logged

Brentai

  • https://www.youtube.com/watch?v=DnXYVlPgX_o
  • Admin
  • Tested
  • Karma: -65281
  • Posts: 17524
    • View Profile
Re: MegaUpload
« Reply #81 on: September 27, 2012, 10:00:31 AM »

Which is of course what the core of the whole SOPA debate was about: "Yo dawgs it's not that we support piracy per se* it's just that you guys don't seem to know what the hell you're doing."

* Usually.
Logged

Büge

  • won't give you fleaz
  • Tested
  • Karma: -65304
  • Posts: 10062
    • View Profile
Re: MegaUpload
« Reply #82 on: September 27, 2012, 10:31:27 AM »

This is what happens when you put record company execs in charge of international criminal investigations.

I am above the law!
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: MegaUpload
« Reply #83 on: January 21, 2013, 11:51:51 AM »

So Kim Dotcom's got himself a new, encrypted file locker service called Mega.  Ars has described the launch party and interviewed Dotcom himself, but their most interesting feature on the subject is a quick look at its encryption scheme.

tl;dr it could be better.

The keys are generated with JavaScript and it looks like there's a problem generating entropy.
Encryption is based on the user's password, which necessitates not letting users change their passwords.
And there appears to be a deduplication scheme in place -- which, while obviously smart from the perspective of saving storage space, has at least one major security concern: if multiple users upload the same file, there is a record of every user who has that same file.  So if one user is compromised, everybody else who has the same file is implicated.
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: MegaUpload
« Reply #84 on: January 22, 2013, 05:04:54 PM »

Also when you sign up you get a confirmation E-Mail that includes a hashed password and encryption key.

A commenter gets to the heart of it:

Quote
Mega is not designed to primarily be safe for the users and their data. Mega is designed to be safe for the owners and operators of Mega first and foremost. In spite of their claims to security for the users, that was never the point. The point was to build a file-sharing system where the operators had no control or knowledge of the data that was stored to protect the owners from civil and criminal liability. This, they seem to have accomplished.

Believing they built Mega for you and the security of your data is a bit pie-in-the-sky. It was never the primary goal at all.
Logged

Brentai

  • https://www.youtube.com/watch?v=DnXYVlPgX_o
  • Admin
  • Tested
  • Karma: -65281
  • Posts: 17524
    • View Profile
Re: MegaUpload
« Reply #85 on: January 22, 2013, 06:25:46 PM »

Except it sounds reasonable to expect Kim to be able to compromise your data at least as well as a random comp sci student, so I'm not sure that's going to fly in a court that will use any reasonable excuse to pin something on him.
Logged

Thad

  • Master of Karate and Friendship for Everyone
  • Admin
  • Tested
  • Karma: -65394
  • Posts: 12111
    • View Profile
    • corporate-sellout.com
Re: MegaUpload
« Reply #86 on: January 23, 2013, 12:04:32 AM »

Well, the thing that sunk MegaUpload last time was that Dotcom and his associates were stupid enough to actually write E-Mails referring directly to infringing files hosted on the site.  And even then, both our justice department and New Zealand's botched the case pretty fucking badly.

The safe harbor provision is plenty to protect any site that complies with DMCA takedowns.  And this site is based around the premise of making it way the hell more difficult to ISSUE DMCA takedowns.
Logged

TA

  • Tested
  • Karma: 29
  • Posts: 3219
    • View Profile
Re: MegaUpload
« Reply #87 on: January 23, 2013, 01:19:49 AM »

I like that the URL is Megaconz.  Sounds trustworthy.
Logged
Do you understand how terrifying the words “vibrating strap on” are for an asexual? That’s like saying “the holocaust” to a Jew.
Pages: 1 2 3 4 [5]