It could be a standing offer with a hole found every other month and they'd be paying far less than the going rate for a quality, full-time security consultant.
Better yet, they get to indirectly watch, learn from and adapt to bounty hunters work and only pay out if someone stays fully ahead of them.
This is precisely why this is nothing more than a PR stunt meant to combat the people criticizing Mega's security. Mega is probably secure enough that anyone who is capable of breaking it doesn't need to do so publicly for a 10k Euro bounty, but would either be working for a government, or doing black hat work.
It doesn't really work that way in practice. I believe bounty programs are good, but they aren't a replacement for an actual security team.
It's one of those things that doesn't scale all that well: one really talented tester can gain a deep understanding of an app and find loads and loads of opportunities for attack. Most bounty bug hunters, on the other hand, are hard to distinguish from the usual internet background noise.
>I believe bounty programs are good, but they aren't a replacement for an actual security team.
Of course not, I don't mean to suggest that it is. I'm suggesting that this is marketing with potential for cheap labor more than a real commitment to security.
- Even if this is a PR stunt, it's a very good one, because regardless of the outcome, it convinces many people to sign up.
- Many people are claiming that he's not going to pay. Given the fact that this is a PR stunt, it would be twice the failure, and backfire severely if he did not.
Honestly, I signed up an account just to poke around, and looking at their offerings, it's quite something.
50GB of space for free! A nice simple and clean interface. The IP addresses of your last connections displayed prominently.
Maybe I wouldn't trust it with sensitive documents, but as simple cloud storage, I don't see anyone else offering 50GB of storage for free.
Note: the term snake oil in regards to cryptography has different connotations than it does in general use, implying naïveté/overconfidence rather than malice.
From the article above:
"Most products seem to fall into the middle category: well-meaning but insecure. I've talked about the reason in previous CRYPTO-GRAM essays, but I'll summarize: anyone can create a cryptography product that he himself cannot break. This means that a well-meaning person comes up with a new idea, or at least an idea that he has never heard of, cannot break it, and believes that he just discovered the magic elixir to cure all security problems. And even if there's no magic elixir, the difficulty of creating secure products combined with the ease of making mistakes makes bad cryptography the rule.
The term we use for bad cryptography products is "snake oil," which was the turn-of-the-century American term for quack medicine. It brings to mind traveling medicine shows, and hawkers selling their special magic elixir that would cure any ailment you could imagine."
Google offer payments for bugs as a small thank you to people who report bugs. Google accepts that all code has bugs, and they want help to close those bugs.
Mega is offering a prize for breaking their crypto. They hope to never pay it out, and they hope to use that as a sales line - "SUPER SECURE CRYPTO NEVER BROKEN!!".
You point at a specific item only to say that this item doesn't apply as is. Why point at it then? Mega's security effort may very well be disingenuous, but what you wrote comes across as snobbery.
He didn't say the item doesn't apply, he said that it is a warning sign. Holding a contest doesn't make a product snake oil, but it certainly correlates to snake oil products.
I've been partial to the crypto community since the early 90s and there appear to be three popular ways to dismiss one's security work without bothering to understand any details -
1. Quoting an item from the snakeoil markers list
   This is the most popular method. It has good mass appeal as it clearly implies that your opponent is a complete idiot and puts him in a position of needing to prove the opposite.
2. Gutmann Sound Wave Therapy quote
   > Whenever someone thinks that they can replace SSL/SSH with something much better that they designed this morning over coffee, their computer speakers should generate some sort of penis-shaped sound wave and plunge it repeatedly into their skulls until they achieve enlightenment.
   This is great: arrogant, includes a "penis" and generally makes a first-time impression. It can't be used too often, unfortunately.
3. Invoking Kerckhoffs's principle and the like
   This is a sophisticated way. You don't really need to understand what the term is or whether it applies in a given case. The idea is to just dazzle the opponent with obscure terminology to show they don't know shit about cryptography.
You've gotta try being on the receiving end of these. An incredibly welcoming opening of a dialog between peers. Thickens your skin like nothing else.
I'm interested in some cryptosystems that have been on the receiving end of any of these critiques that were ultimately shown to be sound and useful.
I'm not asking because I think I know the answer. I don't. I don't follow crypto the way you follow crypto; I am interested in it exclusively to the extent that it allows me to break software. You seem to follow the community as a whole, which is not an interest I share. So you probably have some insight into it that I lack.
You didn't read the post I linked to, just the headlines. You seem to be familiar with the article. Maybe reread it. I think you missed the part of it I was calling out.
I read it in full on more than one occasion, thank you very much. Perhaps you should re-read Schneier's original note on cracking contests and figure out how it relates to Mega's case - http://www.schneier.com/crypto-gram-9812.html#1 - because it really doesn't.
Mega's bounty is of the exact same nature as Google's bounty for Chrome bugs. At least it looks that way on the surface. Whether it's a genuine bounty is another question, but as I said in another comment, I have a problem with the half-assed nature of your original comment rather than with its content. Especially considering that a lot of people on HN look up to you as the security guy and adopt whatever you say as their own opinion.
---
(edit) The bottom line is that offering a bounty to audit the security of a highly public project (after readily admitting several design flaws in the initial version) is not a sign of snake oil crypto. It's just not.
Ultimate Rally - never got past the planning stage, who did he take money from?
letsbuyit.com - He said he was going to invest and then didn't. He never promised money to the people that lost it here, they were just speculators. Yes it was illegal, but he didn't breach any agreements. (Actually might not have been illegal at the time)
bin Laden bounty - nobody gave him information leading to finding bin Laden, so there is no bounty; I don't see the problem here
Trendax - well that's clearly a scam but I can't find if people actually invested there
Liga.net - please tell me I missed something and you didn't put this on the list for cheating in a video game
I just wanted to point out that he is/was a shady person and people should be cautious dealing with him.
To address your points:
Ultimate Rally - AFAIK there were some people on forums that paid a significant entry fee and didn't get it back
letsbuyit.com - clearly illegal, insider trading, and he got a prison sentence + 100k fine
Bin Laden bounty - true, but it still was smelly
Liga.net - it was a Quake2 Duel League back in 98/99 (if I remember correctly). Kimble was known for playing lots of Quake back in the day; he invited the most prominent players, first prize was some super high-end PC (of the time) and money, but the winner never got it and was kicked out of the league, which was shut down soon after that: http://planetquake.gamespy.com/fullstory.php?id=61507
It's just a fact that you should not trust this guy given his history. Sure, people change, but be cautious!
It seems like they've implemented encryption to provide plausible deniability that they're knowingly hosting pirated content, not to actually protect the privacy of users, the vast majority of whom will not be uploading confidential data.
Look, it's pretty simple. Kim Dotcom is a snake oil salesperson. Great at hype, but ultimately if you dig beneath the covers I suspect there will be nothing there.
I should know, I trusted and was very badly burned by someone who spoke big, manipulated others and ultimately had nothing whatsoever other than charm and chutzpah. Give Mega a wide berth, or you too could be badly burned.
Someone else has also pointed to the following article about crypto-breaking contests, written by Bruce Schneier. Definitely worth a read before getting excited about this contest.
"I should know, I trusted and was very badly burned by someone who spoke big, manipulated others and ultimately had nothing whatsoever other than charm and chutzpah. Give Mega a wide berth, or you too could be badly burned."
Unless that person was Kim Dotcom this is useless diatribe. It is akin to me saying, "I had a bitter divorce so never marry"
The hell he'll ever be cutting a check. This is nonsense. And are people seriously using this service? It's like renting a cardboard safe deposit box in a bad neighborhood.
> It's been seven busy days for us since MEGA went live. As millions of users were hitting 50,000 freshly written and barely tested lines of code and dozens of newly installed servers, teething troubles were inevitable. -- Mega blog entry #4
If I were a gambler, my money would be on an infrastructure/man-in-the-middle or social-engineering attack vector. The people are likely stressed and the code is admittedly troublesome.
In my opinion, code is never fully tested unless it's produced under extreme clean room conditions (i.e. autopilots, nuclear plant software, space shuttle software), or has been used in production for a fair amount of time.
Even if your code has full path coverage, you're almost certainly going to interact with an unpredictable outside world that can cause code to fail in novel and interesting ways.
> Even if your code has full path coverage, you're almost certainly going to interact with an unpredictable outside world that can cause code to fail in novel and interesting ways.
> Don Shepperd told CNN Television that the onboard navigation, communications and fuel systems crashed as the planes crossed the International Date Line.
> The problem seems to have arisen not from the time change, but from the change in longitude from W179.99 degrees to E180 which occurs on the International Date Line.
> The USAF refused to specify the cause of the issue saying only that the aircraft "experienced a software problem involving the navigation system en route from Hickam to Kadena".
The Wikipedia article List of Software Bugs has some other scary examples of billion dollar systems destroyed, or people killed, by bugs.
"barely tested" seems to imply that they... barely... have written any tests at all. While I can understand that even full coverage doesn't guarantee anything, it sure can help. I'm not advocating full test coverage, I'm just saying that if I wrote 50k lines of code, I really wouldn't want to have to say that I have "barely tested it".
If anything, it'll be an attack against their entropy gathering (mouse movements) or a mis-implemented encryption spec. Given the number of XSS holes in the site, I bet someone will be claiming that bounty soon.
"His" home, the one in Coatesville, is actually a rental. I don't doubt that he could afford to own it, but he was prevented from buying it by the NZ overseas investment commission.
He was down voted for illogically raising the wealth of Dotcom. By all means argue that it's too low, but the decision for this cost should come from the company's financials and the potential benefits of that spend, not the size of the house its owner lives in.
I mention his wealth because it's specifically from his business and offers a comparison to his ability to pay for security fixes that threaten the very operation of such business.
It's like saying hey this business is worth $100k a day to me but I'm only willing to pay $10k to anyone who can show me a problem that would expose all my customers and bring it to a halt, perhaps permanently if the data got into the wrong hands, foreign governments, etc.
A business can't go to the founder as its own piggybank to get out of bad decisions. It's not only a legal and accounting nightmare, but it's bad for the business, too.
I don't know much about the black market, but how much could a way to download files you don't own off mega be worth? The majority of the files on mega are going to be pirated software/movies/audio, right?
Because of the 50GB free space, I already have a lot of non-tech friends using it for all their highly sensitive / personal stuff. And probably for sharing stuff between work <> home; people in big (gov) companies.
Also, in the last week I heard of a lot of people moving off others (dropbox/gdrive) simply because they are now expensive by comparison. And they were already hosting private/secure sensitive (unencrypted => at least mega is encrypted) info on those. A lot of technically minded people seem to forget that ease of use beats anything for non-tech people; privacy, security (and even morals, when downloading stuff they didn't pay for; mega and others are easier than amazon, steam, netflix etc) go out the door when something is easy to use. And preferably free.
Agreed, the point is that having an exploit is only useful to someone who really really really wants into that specific system. With a system that will have millions of users, someone's sure to be angry at someone over something that's up there.
I respect that many people are interested in the ethics of this proposal, but I'm more interested in having a technical discussion about the code, exploring some of its strengths & weaknesses, etc.
I'm always impressed with HN's pool of tech knowledge and enjoy learning tech tips from more experienced hackers. (Of course, I suppose there's a good chance these folks are hacking instead of commenting, and maybe they don't want to give away what they've found.)
Capture the keystrokes & mouse movements used to supplement entropy for the in-the-browser. Recently, the Internet Explorer vulnerability exposed the fact that any webpage can see all mouse movements.
How would this be a man in the middle attack? You should be able to record it yes but as you said keystrokes & mouse movements are used to SUPPLEMENT entropy, as in they also use other entropy.