It’s no secret that Kim Dotcom thinks he’s got this security thing nailed on with his new site Mega, but now the entrepreneur has gone and put his money where his mouth is, offering a €10,000 ($13,500) reward to the first person who can successfully hack into the site.
Dotcom has made good on a promise he made last week, when he announced on Twitter that Mega would be offering a cash encryption prize “soon” in response to criticism leveled at the site’s security measures. This was quickly followed up by a blog post on Mega, in which Dotcom dismissed concerns raised by a Forbes and Ars Technica and promised to add more features soon, including the ability to change passwords – something that doesn’t exist at present.
Despite picking up some flack, Mega has had a pretty good start since it launched last month, with more than one million users registered in the first 24 hours, and almost 50 million files uploaded so far.
The €10,000 reward for cracking Mega looks to be part of Dotcom’s ongoing efforts to bolster the site’s security and enhance its features.
“You find a bug, we fix it” the announced the German last week.
Dotcom isn’t the first to dangle such tempting financial carrots – most major tech companies actually do this, and will reward developers with significant sums of money if they can pinpoint bugs or issues with security. The only real difference with Mega is that the site is publicizing this reward as much as possible, no doubt because it wants to be seen as ‘legitimate’ in the eyes of authorities.
So far Dotcom seems to be making a good fist of his ‘reformed’ character, quickly clamping down on the search engine Mega-Search.me within hours of that site coming to public attention. As SiliconANGLE reported yesterday, Mega-Search.me allowed users to publicly list files they had saved on Mega along with the all-important decryption keys so that anyone could download them.
But while the site exposed that dozens of users are uploading illegal files to Mega, Dotcom and his team isn’t making it easy for them to share these files. A few hours after the news broke, Mega-Search.me was effectively taken down after Mega began blocking access to files via the search engine, apparently through some kind of script it has developed.
“Due to a script developed by Mega to delete all files indexed Mega-search, the engine is temporarily unavailable. A solution to overcome this problem will be made shortly,” said a statement on Mega-Search.me.
As of this morning, there were no links available on the site.
However, it could be that Dotcom is being a little over-zealous in the policing of his site. Torrent Freak describes how it carried out a small test, posting links to a number of legal files it has uploaded onto Mega, only to find that within minutes that these links were also blocked.
Kim Dotcom says that he’ll update the Mega blog soon, providing more details on the €10,000 bounty and what hackers must do to get their hands on it. For more analysis on MEGA’s security vulnerabilities is Contributing Editor John Casaretto, who appeared on this morning’s NewsDesk show with Kristin Feledy.