There are going to be some files that we can be confident that all uploaders are doing so illicitly, but not nearly all of them.
]]>Oh hi there.
Youtube - City Of God (2002) - Full Movie - HD 1080p.
Still on the to-watch list, but they say it's a good un.
I don't know why he's encrypting content he needs to encrypt his communications,
I just use ciphertite for encrypted backups because it was designed by openbsd devs
]]>For those who didn't read that link, MEGA is basically using AES-CBC-MAC with a fixed, known key to verify some Ajax loaded content in their page. In other words, using CBC-MAC with a publicly known key as a hash function...which it isn't.
And that's interesting because it's not a weird edge case or a coding error or a subtle problem. The basic approach is broken. And it's an understandable error for a non-crypto developer to make, but that probably shouldn't be the kind of developer you have writing crypto code for a service making a lot of noise about how secure it is.
]]>SpiderOak's Analysis and Recommendations for the Crypto in Kim Dotcom's Mega, Part One
These guys know a bit about encrypting online services
]]>
Here's one: http://arstechnica.com/tech-policy/2012/08/...
Although Kim somehow reminds me of a fat rat with a gold tooth, the actions of the FBI and the NZ cops are even more appalling and make him the underdog in this case. So GO KIM!
]]>True, and I doubt anyone believes that her ownership of 81% of Mega Limited is anything but a thin veil but legally they are two separate people and IIRC she's not on bail for anything.
I'm sure his business practices are troubling and perhaps they should be investigated but the man has acquired something of a William Tell status here by successfully standing up for himself and exposing a police force that is willing to ignore our democratic history, culture and laws for the benefit of some foreign republic.
]]>a) files that are post-encryption identical (therefore: same file encrypted with same key)
b) files that are copied (or shared) between accounts [therefore a subcase of a)]
]]>Thanks for that info, it leaves of course the $64,000 question of the "business" relationship between Kim Dotcom and Mona Verga Dotcom his wife.
After all it would not be the first time Kim's business practices had been called into question (insider trading in Germany and failing to correctly register a business in Hong Kong).
I gather from reading his wiki page that Kim is a somewhat larger than life character (although physicaly slightly smaller than me ;-) and appears to have earned himself a bit of a name and reputation in NZ. The allegations of being spyed on by proxie by the FBI treating NZ as another "Bushes poodle" and then having it confiirmed by the NZ PM with a public appology appears to have made him more of a household name in NZ than quite a few politicians...
http://en.m.wikipedia.org/wiki/Kim_Dotcom
As they say "I'll be watching this space with interest".
]]>"As I understand it the site owner is currently facing extradition proceadings to the U.S."
According to the Companies Office records, Kim Dotcom isn't the owner of Mega Limited: (Information from there on Mega Limited)
This makes Kim effectively an employee.
"he may also be iin breach of his bail conditions"
Possibly, but bail conditions never seem to be taken seriously in this country so if he is breaching them he's just following what seems, unfortunately, to be the kiwi way.
]]>Just to point out the obvious, this appears to have all the "security" of ECB mode encryption (pretty much inherent in any deduplication scheme). In other words, once you download or otherwise locate a file of illegal (or otherwise censorable) speech, encryption is no longer stopping you from finding every other bitwise identical copy of that file.
]]>Now all we need is an answer why services like Youtube don't need to do this.
]]>Furthermore Kim Dotcom is not in breach of his bail conditions, as has been stated by his lawyers during the Mega launch press conference.
]]>As I understand it the site owner is currently facing extradition proceadings to the U.S. on what are essentialy charges relating to the copying and distrubution of copyright protected material.
The site owners argument appears to be, if the site owner cannot tell if the files contain copyright protected material then he cannot be held liable.
I suspect he will find that he has misjudged our legal brethren. As far as I can tell unless he gets acknowledged "common carrier" statuss then copyright holders can still go after him for civil damages as a minimum.
Also he may also be iin breach of his bail conditions currently, so he could have already sailed to close to the wind as it where.
]]>