Forgot your password?
typodupeerror
Piracy Privacy Security IT

Kim Dotcom's Mega Fileshare Service Riddled With Security Holes 151

Posted by timothy
from the all-a-mpaa-front-anyhow dept.
twoheadedboy writes "Kim Dotcom launched his new project Mega on Sunday, claiming it was to be 'the privacy company.' But it might not be so private after all, as security professionals have ripped it to shreds. There are numerous problems with how encryption is handled, an XSS flaw and users can't change their passwords, they say. But there are suspicions Mega is handing out encryption keys to users and touting strong security to cover its own back. After all, if Kim Dotcom and Co don't know what goes on the site, they might not be liable for copyright prosecutions, as they were for Megaupload, Mega's preprocessor." On this front, reader mask.of.sanity points out a tool in development called MegaCracker that could reveal passwords as users sign up for the site.
This discussion has been archived. No new comments can be posted.

Kim Dotcom's Mega Fileshare Service Riddled With Security Holes

Comments Filter:

Everything that can be invented has been invented. -- Charles Duell, Director of U.S. Patent Office, 1899

Working...