And it gets the message across to crackers
"If you crack this we can negotiate up to the point you tell anyone - then its 10k if you get past the collusion accusation"
Kim Dotcom is offering a prize of € 10,000 ($13,600) for anyone who can break the cryptography of Mega, his recently launched cloud-based storage site. Mega's launch last month was meet by criticism from multiple security researchers. Everything a user uploads is encrypted before it leaves their browser, using a master key …
Given your history with the Feds, Mr Kimble, breaking it from the outside isn't really the concen is it? They'll be all over you before you can spell subpoena.
As was covered adequately in your last appearance in the El Reg comments, you can have block deduplication (old news) or you can have unbreakable crypto (old news), but not both. If you've got a way of doing both then stump up with the algorithm. Or just carry on talking yourself up - who knows, maybe there are a few investors out there unaware of your track record with other people's money.
Not really. Either the files are public which is essentially the same as before or the keys are shared. If you want to share the keys at any decent scale then they'll need to be posted on forums somewhere, probably a private one reminiscent of Demonoid. It really isn't hard for the feds to join pirate sites, they don't exactly require photo ID.
Rather than braking in and bragging it wold be far better to break in and leave a little side window open then leave evidence you'd been there for months.
It sees to be all the rage with governments and large corporations who discover they've had lodgers for a year or so.
Given that Kim "Kimble" Dotcom is the quintessential wideboy (in more senses than one), I smell a rat. Even if you do audit his crappy crypto, he will probably just keep you "negotiating" long enough to have people fix it, so disclosure no longer matters. At that point, you'll probably be paid a grand total of Jack Shit, and you've done the work for free.
In the USA at least. Just published rules regarding things like copyright and the (dreaded) DCMA say that the simple act of "jailbreaking" a cell phone so you can use it on another carrier is an offense. Not good! What will the penalty be for breaking Mr. DotCom's crypto. Who knows?
Me? I really don't want to find out.
Then again, he may be hiding some child porn and that could get you into trouble as well!
It would seem that the popularity of MEGA is directly proportional to the ease with which pirated material can be shared. If it were just about being able to encrypt and share files with a small group, then my site, ThreadThat dotcom, would be more popular. It has been my experience that privacy is not a motivating factor in the use of file sharing services.
Biting the hand that feeds IT © 1998–2020