It’s finally, officially, with a big middle finger in the face of the U.S. government, here: Kim Dotcom’s Mega, the stronger, better, faster, descendant of Megaupload, launched to the public this weekend, drawing in more than a million users in the first 24 hours. But is it worth the effort to be a Mega first-adopter? Let’s take a look at how the Dropbox-esque clone of a file storage (and sharing) platform functions, and find out.
If nothing else, Mega will draw you in with the 50 GB of free storage, and the ability to encrypt your files. Both features are a rarity in this day and age, so much so that Kim Dotcom’s service looks like it could be too good to be true – and that might be the case.
To get started, you’re required to sign up with an email address, name, and password. The process, quick and painless, is followed by an email authentication. The following step automatically generates a “2048-bit public/private key pair” and takes a few minutes to work, so you’ll have to be patient.
Once you’re past the sign-up phase, you arrive at the unremarkable Mega dashboard, from which you’ll do all your file uploading. Mega does not provide any pointers on how to use the site, so don’t bother going to look for a walk-through. But that doesn’t matter – Mega is simple enough to navigate that you won’t find any hidden surprises. And if you’ve used any other cloud storage service in the past, the whole thing is basically a no-brainer.
Cloud Drive, the first navigable tab and at the top of a four-tabbed list on the left-hand panel, is where you’ll find all your stored files and folders. If you’ve been a Dropbox user, Mega’s interface will be relatively familiar to you. I’ve uploaded some files, which you can see in the screenshot above. The upload speed varies depending on the document type and your Internet connection. Microsoft Word files typically took just one or two seconds. But be careful with bigger files, or batch uploads. Should you choose to upload gigabytes worth of documents, you’ll end up running uploads in the background for hours. Even the few 2-3 MB image files we tried to upload took ages. Some of them failed to upload at all, causing us to right-click on the file name and cancel the upload.
File sharing is a critical feature for Mega, and one that’s bound to help speed up adoption among file-sharers who haven’t had anywhere to go post-Megaupload. Before we dig into Mega’s file sharing capabilities, we have to warn you: If you plan to use Mega for illegally sharing copyrighted works, understand that the site’s Terms of Service are carefully crafted to redirect the blame on its users if authorities decide to come down on Mega – which, given founder Kim Dotcom’s history with the law, is all but inevitable.
With that disclaimer out of the way, here’s how file sharing works on Mega. There’s two ways to share a file: via email, or through a link. Manually adding a user by entering their email address allows the third-party access to entire files. Right-clicking on a document gives you a “Get Link” option, which generates a unique URL to the file in question. Clicking the URL opens up a download page to the document. Permission settings can be set to read-only, read & write, and full access.
The downside to file sharing with Mega is that your files can be discovered by strangers fairly easily. Think of it like MediaFire – anyone can gain access to your files should they happen to type in the correct URL.
Is it safe?
Despite its focus on security and privacy, Mega contains a number of inadequacies in these areas. One of the culprits that lends to Mega’s vulnerability is called “symmetric encryption.” One key, which enables the encryption and decryption of data, is assigned to one account. And because the key is stored on Mega’s servers, if you lose the password, say goodbye to your files – the site doesn’t offer a password recovery option.
The primary gripe with Mega’s security has to be its 2048-bit RSA key, which is assigned in pairs after signing up: one “public” key, one “private” key. Users can encrypt their files with either the public key or the private key. If the public key is used, the person receiving the file must have the public key to access it. If the private key is used, those accessing the files must have the public key. (The latter option is used in cases where the file recipient wants to ensure the identity of the file sender). Ideally, the RSA key should be affected by entropy (which, in computer lingo, roughly translates to “randomness”) as the keys are being generated. Typing a word on your keyboard, or moving our mouse are external influences that determine your key, making it harder for a third-party to decipher. Mega does collect entropy when creating the RSA keys. But, as Ars Technica notes, its method for doing so leaves a greater possibility that the RSA keys could be cracked.
Other (non-existent) features
We’ve tried to play around with the trash can, contacts list, and inbox, but the latter two features have not yet been turned on. I was able to add a friend to my contact list, but wasn’t able to chat or interact in any way. (We reached out to Dotcom to give us an idea about these additional features. We have not heard back from him, but we’ll update this article should he respond.) In addition to user-to-user instant messaging, Mega plans to add tweaks to its upload interface (like the ability to reorder the file upload list), Google Docs-like word processing and calendar tools, and greater security features.
The down low
Once pirates realize Mega’s capabilities, it’s bound to transform into another MediaFire where copyrighted material will be available by the virtual truck loads. And with the volume of content that will be shared on the site, its going to be yet another cat-and-mouse game for rights holders. As for users, the 50 GB is an attractive proposition, but be certain that you’re comfortable with Mega’s rules and the inherent openness of the platform. And remember: Mega is still in beta, so it could be a while before we see some of the polish and new features that the company has promised.
In short, Mega is off to a good first start, and may very well become the file-sharing powerhouse that Megaupload once was. For now, however, the only real reason to jump on the Mega bandwagon is the 50 GB of free storage. And really, what other reasons do you need?
- Megaupload founder Kim Dotcom can be extradited to the U.S., New Zealand court says
- Megaupload’s Kim Dotcom will live-stream his extradition appeal on YouTube
- Megaupload founder Dotcom can be extradited, NZ court rules
- Kim Dotcom’s Mega cloud service launches an iPhone app
- Kim Dotcom is one step closer to being forced back to the U.S.