Kim Dotcom's Mega plan

Forums › IT Pro and developers › Kim Dotcom's Mega plan

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | ... | 23

4819 posts

Uber Geek
+1 received by user: 3935

Trusted

#747665 20-Jan-2013 10:17

In the terms and conditions I found this little gem...

"8. Our service may automatically delete a piece of data you upload or give someone else access to where it determines that that data is an exact duplicate of original data already on our service. In that case, you will access that original data."

In my limited understanding of the Way Things Work (tm), that MUST mean that the data is not encrypted until after it arrives at the mega servers. Therefore, Kim and his mates _DO_ have access (albiet temporarily) to the actual data you upload.

My backup provider (Backblaze) provides a client where the data is encrypted on my machine and they as a provider never even see my unencrypted data.

Now I completely understand the mega model would probably fall apart if everyone uploaded the final of Fringe and they had to store that identical file 1000 times - but you should be aware. Mega DOES INSPECT YOUR FILE IN AN UNENCRYPTED STATE. Or at _least_ in an encrypted state that is not unique to you - as seems to be the big push (everyone has their own encryption).

Cheers - N

Please note all comments are from my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.

freitasm

BDFL - Memuneh
80682 posts

Uber Geek
+1 received by user: 41136

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#747667 20-Jan-2013 10:20

The way I read it it's more likely to be something for individual accounts. If you have the same file in multiple folders for example, or if you upload the same file within different folders and give access to different people.

Not necessarily comparing your uploaded data with someone else's uploaded data. But yes, the explaining is a bit vague.

Deduplication is nothing new in storage.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

gzt

18756 posts

Uber Geek
+1 received by user: 7883

Lifetime subscriber

#747669 20-Jan-2013 10:22

mxpress:
johnr: Just registered was very straight fwd, No idea what I am going to do with 50GB of space

I'm going to back up all of my family photos on to it. Another back up won't go astray.

That is the nature of my unique content as well. The bulk of that will be scans of older photos. Great use for it. Just registered. File upload is not working for me at present. The initial launch load will have to settle down a bit first I guess.

FYI, the FAQ more or less states that all browsers except Chrome are inadequate when dealing with larger file sizes:

We do not impose artificial limits on file sizes other than your available cloud drive space. However, some legacy or technically inadequate browsers require the entire file to be stored in memory for downloading (Firefox, IE10, Opera), or for both downloading and uploading (IE9, Safari 5)

I do not see any advertising interception type stuff. I see nothing to indicate they are proceeding with the advertising gnome strategy. That would have been really really silly.

If their strategy is growth of a webtop in this arena (they have plans to integrate email and word processing etc) all driven by storage subscriptions and content sales - if they can really keep it going - this is really the beginning of a new era. Mark my words. Everyone will follow.

Talkiet

4819 posts

Uber Geek
+1 received by user: 3935

Trusted

#747670 20-Jan-2013 10:27

freitasm: The way I read it it's more likely to be something for individual accounts. If you have the same file in multiple folders for example, or if you upload the same file within different folders and give access to different people.

Not necessarily comparing your uploaded data with someone else's uploaded data. But yes, the explaining is a bit vague.

Deduplication is nothing new in storage.

I hear what you're saying but I don't believe it applies to duplicates within your own uploads. For deduplication to make sense it needs to be across all users (or all users housed at a node or whatever)

Whatever the situation, that quoted condition very very clearly says to me that they have the ability to determine if 2 files uploaded by different users are the same. Now I would imagine there's a clever way to do this by comparing hashes, but I'd like a real explanation of how this happens.

Cheers - N

Please note all comments are from my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.

Talkiet

4819 posts

Uber Geek
+1 received by user: 3935

Trusted

#747673 20-Jan-2013 10:32

I guess the client could use a second, non unique hashing algorithm and send that back along with the upload and the encrypted file... Or if the file is transmitted before encryption that could be done at the server end... In either case though, that term was still a bit jarring given all the stories about how it's all per user encryption and how Mega have no access to the files.

Cheers - N

Please note all comments are from my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.

Talkiet

4819 posts

Uber Geek
+1 received by user: 3935

Trusted

#747676 20-Jan-2013 10:35

Found this in the privacy policy...

"Your data is encrypted by you before upload to our system and therefore we do not and cannot access that content unless we are provided with the decryption key. You may give access to others by providing them with a link and decryption key and you shall be responsible for their compliance with this Policy."

So I guess the local uploader also sends a hash made from a common algorithm.

If that's the case, then someone on Mega's network could collect hashes from popular current torrent files themselves and learn what is being uploaded.

Yeah, I love a good conspiracy theory :-)

Cheers -N

Please note all comments are from my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.

Quic Broadband

Move to New Zealand's best fibre broadband service (affiliate link). Free setup code: R587125ERQ6VE. Note that to use Quic Broadband you must be comfortable with configuring your own router.

vexxxboy

4342 posts

Uber Geek
+1 received by user: 2081

#747677 20-Jan-2013 10:36

Has anyone managed to upload files. I'm trying just a small 1Mb file and nothing is happening, the elapsed time is working and if i try to access the help menu it just tells me navigation is blocked because of pending file transfers

Common sense is not as common as you think.

sonyxperiageek

2984 posts

Uber Geek
+1 received by user: 397

Trusted

#747678 20-Jan-2013 10:38

Still not working for me.. 2 degrees and Slingshot. It looks like the http:// version of Mega automatically redirects to the https:// version.

Sony

zhuyan

177 posts

Master Geek
+1 received by user: 13

#747685 20-Jan-2013 11:00

Upload not working here either on Snap ADSL

Progress showing 100% however nothing showed up under destination folder

bisr

227 posts

Master Geek
+1 received by user: 19

#747689 20-Jan-2013 11:05

nakedmolerat:
bisr: ... You still are using capped broadband? Really? Been on unilimited Broadband for over a year, no more expensive than a 60GB plan. If you don't trust an outfit like Compass (from whom I have received easily the best phone support from an ISP in the last decade) then Orcon has a similarly priced deal now.

Can this unlimited broadband supports 100Mbps download and 10Mbps upload?

Almost none of our country even has access to UFB yet and he said he was on telstraclear so it is a more reasonable assumption that he is on an adsl connection than not, right?

sonyxperiageek

2984 posts

Uber Geek
+1 received by user: 397

Trusted

#747691 20-Jan-2013 11:08

Telstra Clear has InHome Cable service for Wellington, Christchurch and one other though..

Sony

Geekzone support

Support Geekzone with one-off or recurring donations Donate via PressPatron.

freitasm

BDFL - Memuneh
80682 posts

Uber Geek
+1 received by user: 41136

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#747696 20-Jan-2013 11:21

Talkiet: Found this in the privacy policy...

"Your data is encrypted by you before upload to our system and therefore we do not and cannot access that content unless we are provided with the decryption key. You may give access to others by providing them with a link and decryption key and you shall be responsible for their compliance with this Policy."

So I guess the local uploader also sends a hash made from a common algorithm.

If that's the case, then someone on Mega's network could collect hashes from popular current torrent files themselves and learn what is being uploaded.

Yeah, I love a good conspiracy theory :-)

Cheers -N

It could be done like that. But I still don't understand one thing: if they create an encryption key (probably a private/public pair) where is the key stored? If they store the key somewhere then they have access to it and can decrypt the files. If they store in the browser then it can easily disappear with all the data being lost forever if the browser is removed (computer fault, etc).

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

freitasm

BDFL - Memuneh
80682 posts

Uber Geek
+1 received by user: 41136

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#747702 20-Jan-2013 11:23

bisr:
nakedmolerat:
bisr: ... You still are using capped broadband? Really? Been on unilimited Broadband for over a year, no more expensive than a 60GB plan. If you don't trust an outfit like Compass (from whom I have received easily the best phone support from an ISP in the last decade) then Orcon has a similarly priced deal now.

Can this unlimited broadband supports 100Mbps download and 10Mbps upload?

Almost none of our country even has access to UFB yet and he said he was on telstraclear so it is a more reasonable assumption that he is on an adsl connection than not, right?

This is a reasonable assumption if you don't know/ignore the fact TelstraClear has its own HFC network in WLG, CHC and Kapiti (for the last 15 years) and 100Mbps/10Mbps plans have been available for some time now - I have been on a 100Mbps plan for at least two years now (some time before public launch).

"UFB" is not fibre only, you know?

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

Talkiet

4819 posts

Uber Geek
+1 received by user: 3935

Trusted

#747703 20-Jan-2013 11:26

freitasm:
Talkiet: Found this in the privacy policy...

"Your data is encrypted by you before upload to our system and therefore we do not and cannot access that content unless we are provided with the decryption key. You may give access to others by providing them with a link and decryption key and you shall be responsible for their compliance with this Policy."

So I guess the local uploader also sends a hash made from a common algorithm.

If that's the case, then someone on Mega's network could collect hashes from popular current torrent files themselves and learn what is being uploaded.

Yeah, I love a good conspiracy theory :-)

Cheers -N

It could be done like that. But I still don't understand one thing: if they create an encryption key (probably a private/public pair) where is the key stored? If they store the key somewhere then they have access to it and can decrypt the files. If they store in the browser then it can easily disappear with all the data being lost forever if the browser is removed (computer fault, etc).

I'm meaning that as well as encrypting the file with the super-special-secret-sauce-with-2048-spices, the local machine may also make an MD5 (simplistic I know - could be more complex) just to have a unique identifier of the file. Then this unique identifier is sent off and stored alongside the encrypted file.

In future, other uploads from other people won't be compared to the encrypted file contents of the first upload, but if the MD5 matches then it's fair to conclude it's the same file without seeing the contents of either file.

Cheers - N

Please note all comments are from my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.

freitasm

BDFL - Memuneh
80682 posts

Uber Geek
+1 received by user: 41136

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#747704 20-Jan-2013 11:27

Talkiet:
freitasm:
Talkiet: Found this in the privacy policy...

"Your data is encrypted by you before upload to our system and therefore we do not and cannot access that content unless we are provided with the decryption key. You may give access to others by providing them with a link and decryption key and you shall be responsible for their compliance with this Policy."

So I guess the local uploader also sends a hash made from a common algorithm.

If that's the case, then someone on Mega's network could collect hashes from popular current torrent files themselves and learn what is being uploaded.

Yeah, I love a good conspiracy theory :-)

Cheers -N

It could be done like that. But I still don't understand one thing: if they create an encryption key (probably a private/public pair) where is the key stored? If they store the key somewhere then they have access to it and can decrypt the files. If they store in the browser then it can easily disappear with all the data being lost forever if the browser is removed (computer fault, etc).

I'm meaning that as well as encrypting the file with the super-special-secret-sauce-with-2048-spices, the local machine may also make an MD5 (simplistic I know - could be more complex) just to have a unique identifier of the file. Then this unique identifier is sent off and stored alongside the encrypted file.

In future, other uploads from other people won't be compared to the encrypted file contents of the first upload, but if the MD5 matches then it's fair to conclude it's the same file without seeing the contents of either file.

Cheers - N

Yes, thanks. I understood that on the first reply. My subsequent comment was about something entirely different, that is WHERE and HOW the decryption keys are stored for normal use, not for deduplication.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | ... | 23