Mega is using server-side Javascript for crypto, so you're trusting them just like you'd trust Dropbox.
Other people have reported issues with their implementation, including using weak randomness. I skimmed through their implementation and found some portions that indicate they don't know what they're doing, specifically how they're handling authenticated encryption. I wouldn't use Mega in it's current form. On Mon, Jan 21, 2013 at 4:06 AM, Sam de Silva <s...@media.com.au> wrote: > I wonder if there's any feedback from this list on Kim Dotcom's Mega > project - www.mega.co.nz > > Can it be the secure alternative to Dropbox? >
-- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech