No, Kim Dotcom's New Mega Service Does Not 'Dismantle Copyright Forever'

from the a-step-forward dept

There's been lots of anticipation about Kim Dotcom's new "Mega" service. We've mostly held off commenting despite all the speculation and rumors, because, well, they were all speculation and rumors, and Dotcom has a history of hyping things way up. However, Gizmodo apparently got a sneak peak at the service, which is set to launch tomorrow, and has revealed the basic details, claiming that "this service could dismantle copyright forever." That statement is ridiculous and pure bluster, not at all supported by the service.

From the description, the service does look nice and potentially useful. It's really just a cloud storage system, not an online Dropbox or Box.net or Google Drive. It has a nicely designed file manager feature. The real "difference" is just that Mega has client-side encryption built in. So, basically, you encrypt anything you put into the Mega storage system before you upload it, and thus even Mega doesn't know what's there (mostly) and can't decrypt it. You could hack together something like this with other services, if you just encrypted stuff yourself before uploading it to other cloud drives. By building it in, however, Mega is clearly adding a significant level of convenience.

All in all, it does look like a pretty nice service, and one that may be worth checking out if you use cloud storage regularly. That said, the claims of destroying copyright seem overblown. If the claim that a file can be shared "with a single right-click" is accurate, then once that link is used, it would be simple for anyone with access to Mega's log files -- including Mega and, potentially, government agents -- to decrypt the file and see what's in it. If that claim is an exaggeration, and a key needs to also be shared separately, then it's no different than how encrypted data is shared already. And copyright still exists.

There may be some more details to come out once the product is officially launched tomorrow, but if the service is to be used for sharing, as implied, then there has to be a decryption process somewhere. The Gizmodo piece is as bit unclear, but it sounds like this likely involves two Mega users having their local clients talk to each other somehow to share the decrypt code. But, obviously, a government or Mega itself could potentially also be that local client on the other end. Basically, once you're sharing, the "encryption" issue is still handy, but not a huge deal. And the user may be very liable for infringement.

In the end, it sounds like there are some nice features, and some additional protections from liability for Mega specifically, but I don't see how this "dismantles copyright" even temporarily, let alone forever. Also, given the way the government likes to interpret things, you can bet that if it wanted to, it will make the case that this use of encryption is a form of "inducement" for infringement as well.

All in all, it looks like an interesting product, though hardly revolutionary.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cloud drive, copyright, encryption, file sharing, kim dotcom, mega, storage locker
Companies: mega


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 18 Jan 2013 @ 2:08pm

    Stop being a killjoy :(

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Jan 2013 @ 2:09pm

    no chance that the Gismodo reporter was 'incentivised' to report what the service would do to copyright, just to gee law enforcement and congress into believing that the entertainment industries claims about mega were right all along then? you dont think there may have been a good portion of bullshit included in the report, just to spice it up a bit?

    link to this | view in chronology ]

  • icon
    Andrew Norton (profile), 18 Jan 2013 @ 2:11pm

    I've been playing with it for a bit, seems ok, not great.

    link to this | view in chronology ]

  • icon
    Lowestofthekeys (profile), 18 Jan 2013 @ 2:18pm

    I looked at his logic on how the encryption key works with sharing, and frankly, the way Dotcom has this system setup is no different than how you're able to download music through a magent torrent, or files from Google drive.

    However, I am wondering if Mega will make the encryption key for the file/folder random with each share. For example, if you wanted to share a file with 5 of your friend, you would have to generate and send them 5 different keys.

    If that's the case, then I don't see people choosing Mega as a way to share to millions of people.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 18 Jan 2013 @ 2:46pm

      Re:

      The file is encrypted on the user machine before upload, so the same key can be used by all those you want to share the file, just send them the key, or even publish it with the link.

      link to this | view in chronology ]

    • icon
      Franklin G Ryzzo (profile), 18 Jan 2013 @ 2:55pm

      Re:

      I believe the main purpose of the encryption is to provide Mega with plausible deniabilty in being able to say beyond a shadow of a doubt that they were unaware of whatever the stored content contains. Encryption for the user is just a secondary benefit. My understanding from the Ars review is that the encryption key can be generated within or separately from the download link, but it didn't mention if you can generate user specific decryption keys.

      link to this | view in chronology ]

      • icon
        Lowestofthekeys (profile), 18 Jan 2013 @ 3:44pm

        Re: Re:

        I remember reading about how it would help keep them from getting into legal hot water again (I'm sure the DOJ would find some kind of excuse, nevertheless) and how it would be generated locally, but I wonder if he considered other measures to limiting the ability to share on a massive scale.

        I guess we will find out in the next week or so.

        link to this | view in chronology ]

        • icon
          Zos (profile), 18 Jan 2013 @ 4:02pm

          Re: Re: Re:

          i seriously doubt that was a consideration, i'd kind of assumed the effort was a giant middle finger to the DOJ, with the secondary benefit of user friendly built in crypto.

          link to this | view in chronology ]

      • icon
        The Groove Tiger (profile), 20 Jan 2013 @ 1:18pm

        Re: Re:

        Yeah, I think the idea is that even if the key is shared publicly, it could be Mega's policy that they never ever look at keys on the net. So even if I put a link in my website and the key alongside it, Mega wouldn't have looked for it so they can say that they just don't know it.

        link to this | view in chronology ]

  • icon
    weneedhelp (profile), 18 Jan 2013 @ 2:35pm

    C'mon Kim

    How long until Mega-Tron gets the Mega DOJ to shut down this new Mega service with Mega-lawers?


    About a week.

    link to this | view in chronology ]

    • identicon
      anonymouse, 18 Jan 2013 @ 4:08pm

      Re: C'mon Kim

      I think Dotcom jumped the gun here just a little, he is about to get a lot of money from the DOJ, I suspect, and would be protected from them making any further false allegations without 100% proof, which is what is suspect a judge will say when they apply for a search or seizure warrant.Nobody is going to take him down though, I am sure he will not let that happen again.

      link to this | view in chronology ]

      • icon
        Ninja (profile), 21 Jan 2013 @ 2:25am

        Re: Re: C'mon Kim

        How do you suggest he make money to live and pay for the expenses of the lawsuits then? Work at the grocery store in the next corner? He did what the law mandates and got prosecuted for that. He's just adding further layers to be completely exempt from any of the current accusations.

        link to this | view in chronology ]

  • identicon
    Renan Decarlo, 18 Jan 2013 @ 2:52pm

    The problem with the copyright infringement on the old Megaupload was that they were "aware" of what users were uploading. With the new Mega, the file is encrypted before the upload, so they don't know what is being sent.

    The file can only be opened if you have the key, which can only be provided by the uploader of the file.
    The decryption proccess must be done on your computer.

    Mega will not have access to that key nor it'll store it somewhere. As it's done locally, the key might be stored somewhere in the uploader machine.

    link to this | view in chronology ]

    • icon
      akp (profile), 18 Jan 2013 @ 3:31pm

      Re:

      With the rank technical incompetence of most prosecutors and members of law enforcement, I doubt they'll realize the distinction. They'll couch their accusations in terms of Mega now "circumventing" copy protections or some such drivel.

      link to this | view in chronology ]

      • icon
        alanbleiweiss (profile), 18 Jan 2013 @ 8:36pm

        Re: Re:

        this is why I need to read TechDirt 24x7. As soon as I read the article just now, I thought "yep - Carmen Ortiz will be given the case, and her "career thugs" will just slap a "clear attempt to circumvent copy protection" in there....

        link to this | view in chronology ]

    • identicon
      Tyler, 19 Jan 2013 @ 4:10am

      Re:

      That can't be true, they would have to store it somewhere, i mean what if you lose it and have no way to access the machine you uploaded it from?

      link to this | view in chronology ]

    • icon
      Ninja (profile), 21 Jan 2013 @ 2:52am

      Re:

      Being generally aware that your service may be being used to infringe a law does not make you liable. ISPs are aware their networks are used for illegal stuff, postal services are aware, road operators are aware... None were prosecuted.

      link to this | view in chronology ]

  • icon
    Zakida Paul (profile), 18 Jan 2013 @ 2:52pm

    If it does dismantle copyright forever I will eat my own testicles.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Jan 2013 @ 2:53pm

    Nodes?

    Well the system is supposed to be decentralized too and there was talk of allowing people to sign up and become nodes. They would sign up and allow their computer to act as a node and files would be stored on there from other users. This way if the main site gets shut down everyone can still access their data.

    If they do go that route and lets say someone uploads an infringing file. Could the MAFIAA would go after that person who's computer it happened to be hosted on as well?

    link to this | view in chronology ]

    • icon
      Franklin G Ryzzo (profile), 18 Jan 2013 @ 3:00pm

      Re: Nodes?

      With the local encryption done by the original uploader prior to sharing the file, and node volunteer should have a fully legitimate defense that they could not have known the content of the stored files. What I'm wondering about is how DMCA takedowns will be handled (if Mega will be honoring them going forward). Will takedowns be done centrally through MEGA or will they be passed on to the node volunteer? And if they are passed on, what is the node volunteers liability for failure to act?

      link to this | view in chronology ]

      • icon
        akp (profile), 18 Jan 2013 @ 3:33pm

        Re: Re: Nodes?

        How can they do DMCA takedowns if they don't know what's in a given file?

        Can I court a takedown if I call my vacation video "Prometheus"? Maybe we'll go back to the warez days of calling everything "Potosh00p"

        link to this | view in chronology ]

        • icon
          alanbleiweiss (profile), 18 Jan 2013 @ 8:39pm

          Re: Re: Re: Nodes?

          warez? whats warez? Never heard of it. #Innocent #NeverUsedWarez #ExceptWhenICouldntAffordAProgram #WhichMeansPiracyDoesntReduceRevenue #ButYouNeverHeardThatFromMe

          link to this | view in chronology ]

      • icon
        G Thompson (profile), 18 Jan 2013 @ 3:46pm

        Re: Re: Nodes?

        Firstly the DMCA is only a quasi-legal notice that absolves providers of liability if and only if they are taken to court by the content holders. If a provider fails to act then there is no liability other than they do not get to affirmatively have a defence under 230. Though this doesn't mean they cannot bring it up in court after the fact.

        As for mega, no idea if they will honour DMCA requests... there is no legal reason why they should and based on previous action against them there is really no ethical reason why they should either.

        The node volunteers liability is up in the air, though firstly Mega needs to state whom the node is (if it can be discovered) and they would require a court order in the jurisdiction thy are within (Mega's jurisdiction not the nodes) and then the Node, again if it's possible to even know the nodes identifiable information (they could just not have logs.. its not illegal to not keep them) has the ability to challenge any orders to find out a postal address and contact name (which is also required for a valid notice under the DMCA). See the problem?

        Also the DMCA is ONLY valid really if the node is within the USA or its territories anywhere else the DMCA is basically toilet paper and personally I suggest it should be used as such (though the ink might stain)

        This could become a more thorny issue and major nail in the coffin then what Bittorrent was. In fact I'm reminded of Napster in that the content owners took Napster to court, destroyed Napster and annoyed millions of people worldwide. Therefore new protocol and services were designed and implemented that did exactly the same as what Napster did but in a decentralised way.

        Sometimes when you try to destroy something, what takes it place is worse or better than what you destroyed... It is all dependent on your viewpoint.

        link to this | view in chronology ]

        • icon
          Franklin G Ryzzo (profile), 18 Jan 2013 @ 5:31pm

          Re: Re: Re: Nodes?

          I completely agree that innovation always outpaces legislation. The internet community truly is a hydra.

          I also agree that it would really surprise me if Mega honors the DMCA anymore after what the DOJ has done to them.

          I suppose we'll have to wait and see how it's all setup, but I'll be really interested to see how the node volunteer program works. My guess is that there will be many Americans that may want to support Mega, and I would have to assume that the DOJ/MAFIAA will be be attempting to take action against them no matter what laws they have to stretch or skirt around after the total failure their case against Dotcom has become.

          I'd assume that if nothing is ever passed on to the node volunteers directly (by this I mean notification of infringement) then the encryption gives them complete deniability of any knowledge of infringement. You also raise an interesting point about the potential, or lack there of, for obtaining records on node volunteers. I'd also be interested to see if the program works anonymously or through a VPN service... I guess we'll find out soon enough.

          link to this | view in chronology ]

        • icon
          That Anonymous Coward (profile), 18 Jan 2013 @ 8:26pm

          Re: Re: Re: Nodes?

          Mega used to honor DMCA takedowns.
          Mega gave the cartels extra super duper access beyond legal requirements.
          Mega still got screwed.

          I would suspect that the DMCA response's from Mega will be offshored to TPB. I mean those guys need to earn some money to pay of the insane demands... and the extra smiles all around.

          link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Jan 2013 @ 3:22pm

    encryption is the peoples DRM

    link to this | view in chronology ]

    • icon
      alanbleiweiss (profile), 18 Jan 2013 @ 8:41pm

      Re:

      ah that's another tactic DOJ could use. Bring in Homeland Insecurity and claim MEGA is supporting terrorists by allowing the encryption prior to upload....

      link to this | view in chronology ]

  • identicon
    New Mexico Mark, 18 Jan 2013 @ 3:53pm

    Sounds like

    what SpiderOak has been doing for years, but their model is simply charging storage for more than the amount they give away. It will be interesting to see how MEGA monetizes this without access to the contents.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Jan 2013 @ 5:42pm

    There was some past notes in the news put out, that the copyright holders could access files to remove those deemed infringing but they would be required to sign a statement before getting access about holding Mega blameless for what might be on their servers. This was in particularly aimed at the way the takedown was done with DOJ/ICE previously.

    About the only way that copyright holders will be able to identify files is to be on those file sharing sites to obtain the description, the link, and the encryption key for verification. This is going to mean a lot more eyes and butts occupying computer seats to check. None of the copyright holders are going to wanna do this as it's an increase in people/hours to do so. They are looking at ways to get someone else to pay for removing infringing files.

    link to this | view in chronology ]

  • identicon
    FreeCultureForFreePeople, 18 Jan 2013 @ 6:00pm

    http://www.techdirt.com/articles/20121127/13221421157/german-court-holds-internet-user-responsible-p assing-unknown-encrypted-file.shtml

    A German court recently held a Retroshare user responsible of passing on an encrypted file. Retroshare is an invites-based filesharing network and using its own client software. His computer was only a pass-through between sender and receiver and the encryption made it impossible for him to know the contents of that file. Didn't impress the court, though, and I wonder - could the same twisted 'logic' be applied to Kim's new service, too? I hope not...

    link to this | view in chronology ]

    • identicon
      Mr. Applegate, 18 Jan 2013 @ 6:32pm

      Re:

      " I wonder - could the same twisted 'logic' be applied to Kim's new service, too?"

      Certainly, if your encrypting data (or passing it) then you obviously have something to hide. We will even let you choose your fate, you can be prosecuted as a terrorist or a be prosecuted as a pirate, either way your going to prison for a very long time.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 18 Jan 2013 @ 6:37pm

        Re: Re:

        And the moon is made of green cheese too didn't you know.

        link to this | view in chronology ]

        • identicon
          Mr. Applegate, 18 Jan 2013 @ 6:54pm

          Re: Re: Re:

          There was a time when when you had to be found guilty of something in a court of law to be punished. That is no longer true. Now it is enough that you are accused a few times.

          I suppose Aaron Swartz wasn't disproportionately prosecuted either.

          link to this | view in chronology ]

      • identicon
        Anonymous Coward, 19 Jan 2013 @ 10:54am

        Re: Re:

        Really, are you a lawyer? Care to explain how this would work if the system was truly fair and impartial? Of course not, save your FUD.

        link to this | view in chronology ]

    • icon
      G Thompson (profile), 18 Jan 2013 @ 10:57pm

      Re:

      This amuses me especially if you know anything about the transmission of ANY sort of data into packets or even to go fro Digital to Analogue (or vise versa) then you would understand that that too is a form of encryption and decryption.

      Unless you actually place a sniffing program in place to analyse the packets being sent by a network then you have no freakin idea what is being sent around the world via the routers the government or other ISP's in Germany own either. In fact this just proves that the German govt (if they own any form of telecommunication device be it copper cables, satellites, etc etc) should also be charged under this courts fallacious and lets put it bluntly STUPID logic. They haven't just created a sort of legal fiction they have fed it LSD and sent it into orbit.

      link to this | view in chronology ]

  • identicon
    Mr. Applegate, 18 Jan 2013 @ 6:21pm

    Enter, Encrypted Cloud Storage Tax.

    Enter need for more super computers (to crack encryption)

    Enter new laws banning encryption without back door key.

    Enter spyware and hacking attempts aimed directly at computers who use Kim Dotcom's New Mega Service and takes the keys right off the end users machine.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Jan 2013 @ 8:23pm

    At the end of the day, if it becomes popular it might indeed lead to "encryption for the masses" as they say, because I've been wanting for a while for Google and others to offer encryption in the browser for their services.

    If you want to "share" with the masses, then yes it won't make you safe. But if you keep it between a few friends, then at least you cut out the middlemen like Google or Microsoft from knowing what you have in there.

    I'd say that would be a pretty significant progress for cloud services, if Mega managed to popularize this.

    link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
    identicon
    Niceguy, 18 Jan 2013 @ 8:35pm

    New mega site

    Providing encryption to users is just another way this CRIMINAL KROUT (Kim Dotcom) can continue his dishonest file sharing behaviour.

    Shame on Prime Minister John Key & Councillor John Banks for allowing this known convicted criminal to be fast tracked for NZ citizenship. Money sure does talk… I hope that kiwis remember this when it comes to the next general election.

    However, they could redeem themselves by revoking his citizenship and handing him over to the FBI… A holiday in gitmo for him and his cronies would be justification indeed.

    link to this | view in chronology ]

    • icon
      alanbleiweiss (profile), 18 Jan 2013 @ 8:46pm

      Re: New mega site

      "CRIMINAL KROUT"? "gitmo"? wow. You're both a racist and a stooge/lackey for government or the 20th century corporate machine - its so transparent it causes me to spit up my soup as I'm reading...

      link to this | view in chronology ]

    • icon
      JMT (profile), 19 Jan 2013 @ 1:24am

      Re: New mega site

      If you're going to resort to immature name-calling, at least spell them right so you avoid looking like an ignorant ass.

      link to this | view in chronology ]

  • icon
    art guerrilla (profile), 19 Jan 2013 @ 5:00am

    yeah, i'm done with Empire, i'm rooting for the 'bad guys', now...

    go kim go ! ! !

    stick your pudgy fingers in the eye of sauron, just look out when the nazgul take flight...

    i don't know that i even have any use for this service, but i'm going to look into it JUST TO FUCK WITH THE MAN...

    screw Empire, i'm done being associated with a monstrous system built to enrich the powerful...

    Empire must fall, BY ANY MEANS NECESSARY...

    art guerrilla
    aka ann archy
    eof

    link to this | view in chronology ]

    • icon
      art guerrilla (profile), 21 Jan 2013 @ 11:45am

      Re: yeah, i'm done with Empire, i'm rooting for the 'bad guys', now...

      (talking to myself and feeling fine...)

      had to try about 4-5 times over 16-18 hours to finally log on and set up an account...
      did so...

      one small 'fuck you' from me, one giant FOAD for the MAFIAA!

      oh, everybody, here is my password: **********
      have at it !

      art guerrilla
      aka ann archy
      eof

      link to this | view in chronology ]

  • icon
    Ninja (profile), 21 Jan 2013 @ 3:06am

    That's AWESOME. Back from the ashes and in the face of the MAFIAA and the corruption of DOJ!

    Let us see how things develop. So far the pricing is plain sexy.

    Funny thin, the MAFIAA got me cheering on this guy that would gone past largely unknown/unimportant to me had they not tried to bring him down at all costs. Epic fail for them ;)

    link to this | view in chronology ]

  • identicon
    lolzzzzz, 21 Jan 2013 @ 1:23pm

    and it still doesnt work

    ya so big deal
    nice data mining operation

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Jan 2013 @ 4:10pm

    Article correction: The key probably cannot be recovered from the logs

    From the screenshot in the Gizmodo article, the request is passing the key as a hashtag reference (in-page link). This does not get transported in the HTTP requests, but is accessible to Javascript on the client side.

    Assuming the Javascript they serve up to clients isn't actively backdoored to push the key back to the server through a separate request, they don't get the key from the download requests. The key in the screenshot is a bit short, though - it's 8 characters of upper+lower case, which is less than 46 bits of data. A real URL from a screen capture at YouTube looks like it has a more realistic length, though: http://youtu.be/-jOHfnNclF0?t=1m6s

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 27 May 2013 @ 8:54pm

    This is really nice. Thanks for your information
    Dot net training in chennai

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.