This repository builds an unofficial Docker image for the mega.nz web client. This image can be pulled from the GitHub Container Registry.
Image is built from source every 2 days and then pushed to the following channels:
Description | Tags | Platforms |
---|---|---|
Apache Image | latest , apache |
amd64 |
MEGA.nz is a great cloud storage solution for individuals and businesses. It uses E2EE and their front application is open source. MEGA offers great guarantee that your files are strongly encrypted, and you're the only one that can decrypt those files. However, MEGA users cannot be sure that the official website will always serve open source JavaScript to their browser. Your web browser trusts whatever it receives from MEGA, which means they can grab your master key whenever you visit their site and then use it to decrypt and read your files. You'd never know. MegaPWN demonstrated that attack vector with a bookmarklet that could lead to leak your MEGA master key.
"Technically, we could serve you backdoored JavaScript code that sends your master encryption key back to us." MEGA
This repository aims to reduce risk of receiving of backdoored JavaScript code from the MEGA web application. Deploy this Docker image online or locally and access your files as usual, with confidence that assets were built from source.
References
The apache image contains a webserver and exposes port 80. To start the container type:
$ docker run -d -p 8080:80 ghcr.io/sundowndev/meganz-webclient:apache
Now you can access MEGA at http://localhost:8080/ from your host system.
Code in this repository is MIT licensed.