Mega says it can’t decrypt your files. New POC exploit shows otherwise

by
Dan Goodin
from Ars Technica - All content on (#60M33)
mega-privacy-ripped-800x450.jpg

Enlarge (credit: Aurich Lawson | Getty Images)

In the decade since larger-than-life character Kim Dotcom founded Mega, the cloud storage service has amassed 250 million registered users and stores a whopping 120 billion files that take up more than 1,000 petabytes of storage. A key selling point that has helped fuel the growth is an extraordinary promise that no top-tier Mega competitors make: Not even Mega can decrypt the data it stores.

On the company's homepage, for instance, Mega displays an image that compares its offerings to Dropbox and Google Drive. In addition to noting Mega's lower prices, the comparison emphasizes that Mega offers end-to-end encryption, whereas the other two do not.

Screenshot-2022-06-21-11.46.15-AM-640x35

Over the years, the company has repeatedly reminded the world of this supposed distinction, which is perhaps best summarized in this blog post. In it, the company claims, "As long as you ensure that your password is sufficiently strong and unique, no one will ever be able to access your data on MEGA. Even in the exceptionally improbable event MEGA's entire infrastructure is seized!" (emphasis added).

Read 18 remaining paragraphs | Comments

index?i=kOCDBGaXvsM:df_QRSgms6k:V_sGLiPB index?i=kOCDBGaXvsM:df_QRSgms6k:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments