MEGA's Cloud Storage Has Broken Encryption
giving you guys the heads up.
You must be registered to see the links
giving you guys the heads up.
MEGA's Cloud Storage Has Broken Encryption
- Thread starter lordbolton
- Start date
- Jan 21, 2022
- 8,332
- 16,041
This video is no different than force-feeding a rat a gallon of Coca-Cola to show that caffeine can kill. Should people be aware of what they are consuming for their own safety? You bet! But 99.999999% of people aren't going to drink a metric ton of Coca-Cola. Same with idea that someone would log in and out 500-1000 times in the same session which would make their data vulnerable.
- Sep 26, 2018
- 3,130
- 3,194
- Jun 10, 2017
- 10,958
- 16,192
Yet he's totally right.
Everyone working, or having worked, on computer security know that there's no foolproof method, just not yet broken ones. Believing that Mega is different, believing that a Man in the Middle attack wouldn't works with them, believing that you couldn't smartly brute force the key, and so on, is just naivety.
The only information important to know is the one gave by rayminator , Mega reaction time. And here there's nothing to say. Warned the 24 March,
You must be registered to see the links
, what is more than encouraging and show their serious. Near than one month can feel long for this, but have to be kept in mind that they had to find a fix that do not interfere with all the already available files and already in use keys.Should they have been more secured from the start ? Yeah, of course. In an ideal utopia one would hire the bests and let them one year to PenTest their system before they release it. But not only this is unrealistic in the real world, it also don't guaranty that they haven't missed something that will be found later by someone else.
If the guy who made the video was serious, he would have started by saying that Mega already reacted and partly patched their system, and also said it in the description of the video. But well, I guess that the number of followers isn't a good indicator of seriousness ; unlike the incredibly long list of crypto wallet in the said description, that is a good indicator that the guy care more about money than about the truth.
