Kim Dotcom's new file sharing storage venture, Mega, wants to shield itself from accusations of failing to take action against piracy.
It does so by using cryptography to make sure it doesn't see, and indeed cannot tell, what you've uploaded.
That provides privacy for you (other people, including Mega's own staff, can't snoop on your files) and deniability for Mega (other people, including Mega's own staff, can't even tell what your files might be).
But to deliver on that promise, you have to get the crypto right.
As we explained yesterday, early indications were that Mega's coders hadn't done so: we wrote about problems with entropy (randomness), deduplication and the use of poorly-chosen data in Mega's sign-up emails, needlessly making password dictionary attacks possible.