MEGA storage service browser extention secure?

Discussion in 'privacy technology' started by blainefry, Jan 28, 2014.

Thread Status:
Not open for further replies.
  1. blainefry

    blainefry Registered Member

    Jan 25, 2014
    I remember all the questions about MEGA's encryption/security when it first came out:

    And I searched the forum for any threads before posting this. I found this one:

    That kind of touches on my looks like the problems mentioned in the links of the OP of that thread have been corrected through the incorporation of a browser extension...

    Now you can install a (i assume)-JavaScript extension in your browser, that allows all the encryption/decryption to be done locally on your machine, and avoid any potential for private key exchange with Mega's servers. This is the same thing LastPass does...

    This would seem to nullify the security concerns with the potential for the provider to "at any time modify the script loaded by the browser to send the key used for the encryption to a web server."

    This just means the JavaScript needs to be inspected...

    Does anyone know of a review that has been done on the Mega browser extensions? Has any reputable third party gone back and inspected the updates to the whole protocol to see if the crypto mistakes have been corrected and the extension itself does indeed not allow any potential key divulgence, even to Mega itself?
  2. lordraiden

    lordraiden Registered Member

    Jan 30, 2006
    I think you will find the answer in Mega's blog
Thread Status:
Not open for further replies.