Interesting read but to check my understanding, the attack is detectable by the client, isn't it? As such, Mega might as well just covertly send the clear text password to itself, no?