Tuesday, February 5, 2013

Why Mega is different?


Dropbox, Box, rapidshare, filesonic, google drive and Mega are services that allow you to put your data on the cloud for free.

Now of course when we consider to put our data on the cloud, our biggest concerns is security. And whether this data is for enterprise or personal use, it always feels like compromising your privacy desire when you decide to put it on the public internet.

When uploading your data on the could, it will exposed to attacks at two points:
  • in-flight :when it is being transmitted over the security of the public internet.
  • At rest :When it is on the cloud servers. 
Like every other service, Mega employs cryptography to protect data in-flight by wrapping communication with SSL encryption. So, there is nothing new in this part.

Why Mega is different? Why I trust it?

But Mega is unique in its approach to handling encryption at rest. Instead of storing encryption keys for a client’s data within Mega’s infrastructure, Mega gives their cryptography back to their users.
So Mega users encrypt their own data after sending it to Mega’s servers, and store keys locally such that even Mega can’t read their data.

Which mean that Mega can't and is not able to hand your content to
authorities. 

In simpler words: users keep their own keys and send data in the form of encrypted cipher text rather than unencrypted plain text. And it seems like Kim is very comfortable with Mega's security since he's offering 14000$ per vulnerability.

Kim Dotcom @KimDotcom
The #Mega crypto & security REWARD PROGRAM is live. Earn up to 10,000 EURO per vulnerability. https://mega.co.nz/#blog_6

After falling victim or its success for the first few days of its launching (Overloaded servers), Mega is functionning perfectly and users are satisfied as Kim Dotcom state in a tweet that raised the question of : "What's next?"


 

No comments:

Post a Comment