Putting the owner's megalomania to the side for a minute, I really admire how the guys behind this are putting it all together.
First of all, (AFAIK) this is a high-volume/high-capacity site which was built in a record short time. Not only that, but they promised it would be coming Jan 2013, and they made it on time, such a rare outcome for an IT project.
One also has to appreciate how they made sure everyone has heard of them, without spending a penny on promotion (well, if you exclude the launch extravaganza).
Finally, they seem to be very transparent in how the encryption gets applied and can handle crypto-critics quite well. I think, little by little, they're earning the average user's trust.
The part that gets me is that, had they (RIAA, MPAA, FBI, whoever) acted legally, they probably could have had something on him, I mean they didn't need to find a lot, only a little something somewhere. But no; they wanted to do it fast and with shock, probably to scare others and make sure megaupload went down, something that fits with the way they fight against piracy for the past decade or so.
It just went so horribly wrong, first the NZ judge actually respect the law instead of bowing down like it seems they expected, then the guy they fight against has the balls to match his ego and refuse to go down to bullying, and then the hydra of piracy strikes again and proves why taking megaupload down didn't really matter.
Kind of ironic how their fight against "illegal activities" fails because they refuse to use legal means.
You nailed it man. The FBI had no right to kick down his door and now he has his revenge, he is going to embarrass them with his riches from this new project.
I searched for a very popular TV series and the first link was "$name_S01E01.avi", size ~500mb. Clicking on it, I gor redirect to mega.co.nz to download "movie.exe", 715KB.
IP addresses, file ownership and payment info are stored unencrypted (http://bit.ly/VswkJi). If someone or something is advertising they have a trove of copyrighted material, the standard procedure for law enforcement is to subpoena the cloud provider for the IP of the user, then the ISP for the subscriber's physical name/address. When they confiscate their computer they'll find the data on there. What is to stop this from happening with Mega? Do they not have to respond to these subpoenas in New Zealand? What if CP is involved - will they respond then, even if not compelled by the law?
I don't understand how end-to-end encryption protects illegal file sharers if the file ownership information is stored unencrypted. I understand Mega's value prop is encryption, NOT illegal sharing, but my question remains.
Because dumber people are using HN now ? Somehow they can make links to bitly but they cannot use the exact same "markup" to link to the direct url. Especially given that there is no markup for url per see, you just type it ...
For a server in New Zealand I assume it would be covered by our three strikes law (http://3strikes.net.nz). Rights holders can send infringement notices via the users ISP for a $25 fee. After three notices (from the same copyright holder) they can then take you to our copyright tribunal for damages.
From what I've heard some notices are being sent out, but RIAA have been complaining that the $25 fee is too high.
>I don't understand how end-to-end encryption protects illegal file sharers if the file ownership information is stored unencrypted.
It doesn't. Who said it was supposed to?
In theory it protects Mega from the argument that they know what the data is and aren't stopping it, because now they can't know, but YouTube isn't encrypted and nobody expects for them to be shut down, so I'm not sure to what extent that is really even necessary.
If someone or something is advertising they have a trove of copyrighted material, the standard procedure for law enforcement is to subpoena the cloud provider for the IP of the user, then the ISP for the subscriber's physical name/address. When they confiscate their computer they'll find the data on there.
Has that ever happened in a copyright case? I get the impression that police are too busy with actual crime to investigate anything less than mega-size infringement.
Yes, frequently. Typically media does not cover smaller instances of a copyright investigation and thus the impression that this only happens in mega-sized instances.
What do you expect the law to prohibit? Encrypted data?
The issue with file lockers is this: The service that actually hosts the file doesn't know what it is. It would be totally impractical for e.g. YouTube to preemptively screen all uploads for infringement by hand. It's just not economically possible.
So YouTube has a lot of infringing stuff on it. They also have a screening system which does fingerprinting etc., which keeps a lot of infringing stuff off (and also keeps plenty of non-infringing stuff off when there are false positives.)
But you can't even do that when your service is general purpose rather than specific to video. You don't know what a password-protected RAR archive has in it, you can't fingerprint it. So there is a ton more infringing stuff on the general purpose sites. The file locker takes it down as soon as the copyright holders identify it, but then the infringers just upload it again in ten minutes.
So you say, go after the uploaders. Okay, they're in non-extradition countries or are using anonymizers. Now what?
There are two fundamental facts that make stopping copyright infringement extraordinarily difficult: First, sending bits is very, very much cheaper than identifying what they represent and whether it's infringing. Second, normal law-abiding people have a legitimate interest in the privacy of their communications. In other words, good people need the same encryption that bad people abuse, and even if they didn't, there is too much volume to economically sort it by hand anyway, and the algorithmic methods are unreasonably inaccurate. (See: huge list of all the stupid nonsense YouTube ContentID does.)
So we have a problem without a good solution. What law do you propose could fix it?
Great response. I'm not proposing any new laws, but my belief is that a judge will ultimately disagree with your statement that "The service that actually hosts the file doesn't know what it is."
You're correct that an automated service can't identify/fingerprint these digital files, but if I go to mega-search.me and see tens of thousands of copyrighted movies/music/software, it's impossible to say, "I didn't know there was illegal material on my server."
Where YouTube keeps the rights holders at bay is by having those screening mechanisms in place. If Mega's design can't make that possible, and they as a company don't take actions to protect copyright holders, then I see the courts finding a basis to shut them down - on what basis I don't know, but I don't imagine major copyright holders sitting idly by.
>You're correct that an automated service can't identify/fingerprint these digital files, but if I go to mega-search.me and see tens of thousands of copyrighted movies/music/software, it's impossible to say, "I didn't know there was illegal material on my server."
Sites like mega-search.me are operated by different people from the ones who host the data. In any given case the data hosts don't even necessarily know they exist, much less the content of the links or whether they're licensed. They have no better ability than the copyright holders themselves to discover the links and a far, far worse ability to know which links the copyright holder has licensed, which is why we put it to the copyright holders to identify them.
Meanwhile the link sites are extremely lightweight. You don't need a CDN with regional caching or any of that, you can host the whole thing from a single location for the whole world. So shutting down the link sites is whack a mole. Shutter one and a different one will be up and running in less than a day.
Again, it's an economic problem. It's not about the structure of these entities or who knows what. Changing the laws might move around the pieces on the board but it doesn't change the nature of the game. It doesn't change the fact that it costs millions of times less to send bits than to accurately filter them. You can't change economic reality so easily.
In theory we could put the genie back in the bottle, but that doesn't mean "shut down The Pirate Bay and mega-search.me," it means "shut down the Internet and stop having computers." Because computers are what create the underlying economic conditions that lead to the issue. And I have to hope that nobody is seriously suggesting that would be an acceptable trade off.
I am not one of these people who thinks we should get rid of copyright. But you can read the Das Capital as a mostly accurate criticism of the failings of capitalism without accepting Marx's conclusion that communism is preferable. The facts on the ground have changed. Copyright has to change to adapt. "Change" doesn't have to mean "abolish" but it certainly means that trying to change the modern world to fit copyright is a stupid idea when we can far more sensibly change copyright to fit the modern world.
SingleHop uses a very similar cloud + background icon motif (be it gears, a server or another object) throughout their site as well. Seems to be fairly common.
I find these gears icons funny because it is implied that all 3 gears touch each other mutually. But obviously, such a setup would prevent the whole machinery to work at all.
Except the top and bottom left gears are rotating in contradicting directions. In fact none of the gears are even connected and are just rotating on their own accord. What's the point??
So now it's really the same mega service as before with the excuse that they don't save the keys that they can access... complete with affiliates like this to provide all the high-bandwidth customers.
MU (and now Mega) are just hosting services. If you don't have a good aggregation site, it's worthless. I had a long list of great aggregation sites for MU, and I never had a single issue with viruses when using them.
The site features an "Infringement" button at the top of the page. Can I report the entire contents of the first page as infringing, since every item I see is obviously infringing? Can I then repeat that for each subsequent page?
They may all be "obviously" infringing, but they're not all "actually" infringing. For instance, one I clicked on with the name of a well known movie led to an .exe file, which was a virus and not the movie in question. There's also one called "Gay.zip", how is that "obviously" infringing?
Why don't you try http://megaspotted.com/. There you can share uploads on mega.co.nz and download files other people shared. Way better then similar 'Frensh' websites..
This being a publicly available index pointing to data stored, I can only assume that encrypted or not the owner of 'mega' is still liable for any copyrighted material hosted.
I'm not sure I follow - how are they legally being willfully blind? They can't offer private encrypted hosting AND know what they're hosting at the same time. Those two things are mutually exclusive.
We're talking about blindness of the search engines. Arguably they know the search engines exist and thus have some kind of duty to notice the rampant copyright infringement taking place and stop it.
>Arguably they know the search engines exist and thus have some kind of duty to notice the rampant copyright infringement taking place and stop it.
Are you serious? You expect them to scour the internet for third party websites and then scrape them for links? How are they even supposed to know whether a particular instance is infringing or licensed? What happens when the third party site prohibits scraping?
It isn't their job to be the copyright police. You cannot fix the problem of copyright enforcement being too expensive by foisting the cost onto a third party -- that doesn't fix that it's too expensive, it's just a textbook case of copyright owners engaging in the economic pollution known as externalizing costs.
First of all, (AFAIK) this is a high-volume/high-capacity site which was built in a record short time. Not only that, but they promised it would be coming Jan 2013, and they made it on time, such a rare outcome for an IT project.
One also has to appreciate how they made sure everyone has heard of them, without spending a penny on promotion (well, if you exclude the launch extravaganza).
Finally, they seem to be very transparent in how the encryption gets applied and can handle crypto-critics quite well. I think, little by little, they're earning the average user's trust.