Skip to content ↓ | Skip to navigation ↓

The ever-controversial hacker-turned-millionaire-entrepreneur Kim Dotcom has announced the public beta launch of an end-to-end encrypted audio and video chat service, which he calls MegaChat.

Anyone with an account on Mega’s file-sharing file-syncing service can now access what is claimed to be a more secure alternative to Skype, boasting end-to-end encryption.

If it does what it claims, MegaChat can allow you to communicate with someone over the net (via audio or video, video conferencing and text chatting apparently will come later) through your browser, without anyone having the ability to intercept or snoop on your messages in between.

I thought I should test the service, so created an account to give it a go. Unfortunately I don’t know anyone else who uses Mega, so I had to chat with a toy womble instead. The conversation wasn’t amazing, but it did work.

MegaChat

What I cannot vouch for, of course, is whether MegaChat did a good enough job of ensuring that the conversation was secured and end-to-end encrypted.

It would be great if it was, because increasingly politicians like UK Prime Minister David Cameron are raising the stakes, calling for end-to-end secure messaging to be outlawed if there are no backdoors through which law enforcement can access what is being said.

In the opinion of many security experts, that’s a dangerous step. Because anytime you have watered-down security there is the potential for not only the authorities to access messages but also – potentially – hackers, foreign governments and organised criminal gangs.

One also has to wonder how businesses would feel operating from a country where secure messaging cannot be guaranteed.

Kim Dotcom’s Mega, of course, doesn’t have a spotless record when it comes to security.

Last year, Mega was roundly criticised by experts for a range of security holes ranging from cross-site scripting flaws, to a poor implementation of encryption, and even the discovery that Mega passwords could be easily extracted.

So, can you trust Mega now to secure your private online chats?

The jury is out…

Because of Kim Dotcom’s notoriety and aggressive PR machine, there is no doubt that there will be plenty of people keen to expose any vulnerabilities if they find this competitor to Skype is anything less than water-tight.

Perhaps mindful of that, Kim Dotcom has announced that he is offering a security bounty for anyone who can find flaws in the service.

So maybe it would be sensible to wait and see before you trust any sensitive communications to the service.

Hacking Point of Sale
  • abdullah

    How can I download megachat app to use it

  • WhatmeWorry?

    I can't believe they are allowing encryption methods like this, in this dangerous world we live in. For Christ Sake, that womble may look innocent, even cuddly, but how do you know he isn't a terrorist? How do you know his Womble friends aren't building secret underground prison facilities to house people in our society who throw trash on the ground and refuse to recycle? I say, make all encryption illegal, so that the only people we can trust, our governments, can monitor us 24/7, read all our emails, and especially, check out all our private photos. Hooray!