Mega Repeat: Search Engine Mimics Dotcoms MegaUpload

  /     /     /  
Publicated : 22/11/2024   Category : security


Mega Repeat: Search Engine Mimics Dotcoms MegaUpload


Crowdsourced MegaSearch site indexes all files on Mega, allowing users to share uploaded, encrypted content.



Who Is Hacking U.S. Banks? 8 Facts (click image for larger view and for slideshow)
Theres a new file-sharing game in town: Mega-Search.me. But unlike dedicated file-sharing sites, this one is just a search engine designed for people to submit links to content that theyve already uploaded to the file-storage site Mega.
In other words, thanks to an apparent crowdsourcing twist, the combination of Mega and
Mega-Search.me
enables people upload, share, or retrieve any file -- just as they did with the
disgraced
Megaupload. Already more than 2000 links, claimed a
tweet from Mega-Search
last week.
Although files uploaded to Mega are encrypted, the decryption key is included in the link to the file thats generated for users. Thus any file URL thats publicly disclosed can be used by anyone else to download and decrypt the stored file. A file-sharing feature is notably absent in the official Mega site, which offers 50GB of cloud storage for free, as well as premium accounts offering more.
[ Read more about the new Mega site:
Mega Insecure: Kim Dotcom Defends Rebooted Megaupload Security
. ]
Mega launched at 6:48 a.m. New Zealand time on Jan. 20, 2013 -- the precise anniversary of
New Zealand police and FBI agents
raid last year of Megaupload founder Kim Dotcoms home and
shutdown of all Megaupload servers
in the United States.
The Department of Justice have accused Dotcom and three other key company officials of using Megaupload to illegally generate $175 million in profits, while causing $500 million in damage to copyright holders, by condoning and supporting illegal file sharing, in part by ignoring numerous takedown requests. Prosecutors are continuing to
seek the four mens extradition
from New Zealand to the United States to stand trial. All four men have said theyre innocent, and fought the extradition request.
The launch of Mega was meant to signal Dotcoms cloud storage second coming, and this time on a more clear legal footing. Indeed, given the FBIs takedown of his previous site, this one appeared to be designed by the companys lawyers to protect the executives from any accusations that they were promoting the illegal sharing of files. Instead, the new service has been pitched as a competitor to Dropbox, Google Drive, and Microsoft SkyDrive, but with added security features. In particular, Mega promised to encrypt all files.
The service also stipulated that only a user who uploaded a file would be allowed to download it. As
Megas terms of service
state: If you allow others to access your data (e.g. by, amongst other things, giving them a link to, and a key to decrypt, that data) ... you are responsible for their actions and omissions while they are using the website and services and you agree to fully indemnify us for any claim, loss, damage, fine, costs (including our legal fees) and other liability if they breach any of these terms.
Last week, Mega -- and Megaupload -- attorney Ira P. Rothken said that in Megas first 11 days, it had already responded to 150 takedown requests, comprising 250 files,
reported

Computerworld
. Those takedown requests had come from the United States, among other countries. Mega doesnt want folks to use its cloud storage services for infringing purposes, Rothken said.
Mega-Search.me would seem to make short work of any restrictions on file sharing. But who runs the service? Thats not clear. The site uses the top-level domain for
Republic of Montenegro
(.me), and was registered about 24 hours after the launch of Mega, but the domains administrator has been hidden using a
domain privacy service
based in Denver, Colo., which lists an email at that service as a contact point for the site. The sites owner didnt immediately respond to an email asking if the site was funded or supported in any way by Mega.
Posts made by the sites owner -- or owners -- to Twitter and Facebook this week, however, suggest that Mega-Search.me is an independent venture, and faltering. Notably, the
Facebook page for Mega-Search.me
reported Thursday morning that MEGA just deleted all our links without checking their contents. The search engines administrator posted that he suspected that Mega had begun using a tool to automatically identify all links submitted to the search engine, and then delete the related files from the Mega site.
Another post suggested a possible next step for the search engine. We are searching for some help with the mega API [written in] PHP. In particular, the decryption part, read one Facebook post (translated from French). In other words, instead of the search engine relying on users to submit files theyve submitted to Mega, the site could forcibly index every file on Mega itself.
Needed: One PHP coder with a bent for file sharing.
InformationWeek is surveying IT executives on global IT strategies. Upon completion of our survey, you will be eligible to enter a drawing to receive an Apple 32-GB iPad mini. Take our
2013 Global CIO Survey
now. Survey ends Feb. 8.

Last News

▸ Car Sector Speeds Up In Security. ◂
Discovered: 23/12/2024
Category: security

▸ Making use of a homemade Android army ◂
Discovered: 23/12/2024
Category: security

▸ CryptoWall is more widespread but less lucrative than CryptoLocker. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Mega Repeat: Search Engine Mimics Dotcoms MegaUpload