What I expect to see in Microsoft's E3 2013 keynote

  • Pricing and availability. Pricing is rumored to be anywhere from $299 to $499 - expect a "subscription" only version that will feature a lower upfront cost, but require a monthly subscription to Xbox Live Gold. And as far as availability - expect "later this year" which code for "Fall/in time for Christmas".
  • Games, games, games, games, games, games and more games. Microsoft flubbed it with the last keynote by not really appealing to core gamers. I fully expect Microsoft to right the ship today. 
  • I'm hoping they'll provide more details on the pricing structure surrounding the used games as well as licensing to hopefully clear up some of the confusion.  
  • I expect some hints or outright announcement about a new revamped Xbox 360.
  • There have been rumors of a "set top box" version of the Xbox that's meant only for media streaming (à la Roku) but it's not expected to be launched until next year. 
by Ben Pike

My fears with a Mega mobile application

Mega is making a mobile application: http://www.androiddoes.net/applications-2/mega-android-app-and-megamovie/ and this makes me nervous...

*tl;dr*: Encryption & Decryption are hard. So if there really is a mobile app for Mega I fear they're trading convenience for security.

If Mega truly follows a "trust no one" security model (as they say) it would be INCREDIBLY hard for an Android app to work.

Essentially what Mega is doing is holding a blob of encrypted data that only *you* know the key to. So if someone were to have physical access to their servers or hack in all they would get is blobs of *strongly* encrypted random noise - which wile not impossible to crack would be *very* cumbersome even with modern hardware.

Which brings me to my next point...

Here's what I see going down with the Android app:

A) You have to place files you want to access via mobile in a separate folder where the encryption is not so strong and mobile devices can read it off the server on the fly.

B) They do NOT have a "trust no one" security model where only you hold they key - they in fact have the key and can decrypt it on the fly for your mobile device.

C) There is some technological breakthrough I'm not aware of that would allow mobile devices to decrypt 2048bit AES encryption on the fly.

Example: with Dropbox & Google Drive your files are semi encrypted, but Dropbox has the key and can decrypt them for you - for your mobile device when it's logged in. If a Dropbox employee went rouge they could potentially decrypt and steal your files.

Another Example: Carbonite gives you the option to enable a "trust no one" security mode where they simply hold a blob of encrypted data for you, but this disables the ability to use their mobile app to access your files.

Yet Another Example: LastPass holds a blob of data, but they allow access via their mobile apps where the data is downloaded and decrypted locally. Although, basically all that's being downloaded is a smallish text file of your usernames & passwords. So performance isn't really a problem with text files, but with documents, music, & videos it could become an issue.

So I'm curious to see how this shakes out.

by Ben Pike