My inner civil libertarian cheers at this, although one wonders how useful a public storage locker is without any associated content discovery tools.
But my inner policeman hesitates. If actual bad guys (organized crime, drug cartels, spies, terrorists, governments, script kiddies, or anyone else working outside the law) can communicate and operate with impunity, the technology is not an unequivocally good thing. The broadly accepted way we deal with this is to have warrant-based interception and eavesdropping; it's hard to argue that our law enforcement services would best operate without any tools other than direct physical surveillance. So presumably even Mega would need to comply with legal wiretapping requests. Happily for Mega, and unhappily for law enforcement, doing it at the server doesn't get them anything with this scheme. But that simply compels law enforcement to get much more invasive, in a way that's hard for citizens to monitor: Find a way to install eavesdropping tools on the suspect's machine so access is gained before encryption.
I'm not sure where all this is headed; it's a brave new world.
(Heading off potential replies about the growing use of warrantless wiretaps -- of course those are unacceptable. But wiretapping with a warrant is a vital, crucial tool, and that's all I'm discussing here.)
> But my inner policeman hesitates. If actual bad guys (organized crime, drug cartels, spies, terrorists, governments, script kiddies, or anyone else working outside the law) can communicate and operate with impunity
This tool is still just a cyber-locker, it doesn't allow you to launch a ddos attack, or run scripts, or even communicate, you need a channel of communication established elsewhere to pass the keys. It's just an easier way to share files with people you're already communicating with in some manner.
Even today, nothing stops bad guys from encrypting using available tools in their PC and upload to a public file sharing service. Only thing the proposed Mega service is doing is making the process simpler. Believe this is going to be the future unless governments ban encryption all together which might not picture them in a better light amongst all of us.
But my inner policeman hesitates. If actual bad guys (organized crime, drug cartels, spies, terrorists, governments, script kiddies, or anyone else working outside the law) can communicate and operate with impunity, the technology is not an unequivocally good thing. The broadly accepted way we deal with this is to have warrant-based interception and eavesdropping; it's hard to argue that our law enforcement services would best operate without any tools other than direct physical surveillance. So presumably even Mega would need to comply with legal wiretapping requests. Happily for Mega, and unhappily for law enforcement, doing it at the server doesn't get them anything with this scheme. But that simply compels law enforcement to get much more invasive, in a way that's hard for citizens to monitor: Find a way to install eavesdropping tools on the suspect's machine so access is gained before encryption.
I'm not sure where all this is headed; it's a brave new world.
(Heading off potential replies about the growing use of warrantless wiretaps -- of course those are unacceptable. But wiretapping with a warrant is a vital, crucial tool, and that's all I'm discussing here.)