1. 7
  1. 2

    It has a brand name, website, and logo (or favicon), so it must be serious. Sigh.

    1. 2

      Even better, the brand name of the bug is an acronym of the brand name of the service it impacts, which I think is clever.

    2. 2

      I think I’m misunderstanding something. Isn’t an easier attack (if you are mega) to serve compromised client software?

      The client software must have visibility of the decrypted symmetric (node) keys?

      If so, then the client must trust mega, and so attacks which rely on not trusting mega are moot? (I must be missing something, because the same approach applies to any end-to-end encrypted software. I guess you’d need to target specific users with the bad client, so some kind of “client transparency log” might help?)

      Serious people who know about these things see end-to-end encryption as important, so what is the usual response to this? (Wiki just has this: https://en.wikipedia.org/wiki/End-to-end_encryption#Backdoors)

      Edit: OK, useful stuff here https://t.co/FQZHlk3yYy - I guess the value is “the client is trusted and can be examined for backdoors”.

      1. 1

        The CryFS paper is something worth reading in this context. Secure cloud file storage is hard!

        https://eprint.iacr.org/2017/773.pdf