On Saturday, one year after Megaupload was shut down by the U.S. Department of Justice, founder Kim Dotcom launched his new online file hosting service, Mega. Ironically, considering how he spent the last year being prosecuted by movie and record industry giants, Mega was announced up and running with a ceremony held outside his New Zealand mansion filled with theatrics and performances, including a re-enactment of the FBI raid. Within 24 hours of cloud storage service’s launch, over 1 million users had signed up.
“Why all the pomp and circumstance?” you may ask. “Aren’t there dozens of other file hosting services already, like Dropbox and Google Drive?” While that is true, Mega isn’t simply another file-hosting alternative; rather, it’s a statement by Dotcom and his supporters against the U.S. government’s overzealous crusade against copyright infringement. With its unique built-in file encryption and message encryption, Mega may prove to be the start of similar file-sharing services that will protect users’ privacy.
To better understand the significance of Mega, you need to know the story of Megaupload. Founded in 2005, Megaupload was designed to be an online file-hosting and viewing service. But by the time it was shut down in 2012, Megaupload had become the 13th most visited site on the Internet, with over 50 million visitors per day and 180 million registered users. On Jan. 19, 2012, the Department of Justice shut down Megaupload and charged Kim Dotcom with multiple accounts of promoting criminal copyright infringement.
In order to prevent similar charges, Mega encrypts all data users upload with the block cypher AES-128. The data uploaded is transformed with an encryption key before stored in the cloud storage. When the file is retrieved, the key is used to reverse the process and unencrypt the data. Each user is randomly generated a key once at sign up and linked to the user’s account. What this means is, no matter what type of file you upload, no one besides you — not even Mega — knows what the file is. And unless you provide others with the key, even if your file is downloaded by other users, they will not be able to view it.
However, because of this strict adherence to privacy by Mega, each user’s key is generated only once and not stored or kept by Mega. This makes it imperative that you do not lose your key; otherwise you will never be able to access your data again.
Get The Daily Illini in your inbox!
With that said, in the end this encryption process will protect Dotcom and Mega more than its users. By encrypting the data so not even Mega knows what it is, the website can claim plausible deniability and put the blame squarely on the users who do upload copyright infringing materials. Hopefully, Mega will be the start of widespread encrypted Web services to help protect the privacy of users everywhere.
Brian can be reached at [email protected]