kos13

On Mac/Windows we introduced new button - report the issue. It is placed in tray icon. In this case we will get log files, so could give you more detailed answer to your issue.

It is AES256 encrypted, so it is safe. We plan to add support of private relay/trackers.

Yes you can share folders, but not specific file. You could use http://soshareit.com to share a separate file.

SyncApp has server that is used for two things: 1. Tracker. Help peers discover each other; 2. Relay. Data is sent thru relay when direct connection between peers can't be established. We had introduced more granular options to control your SyncApp.

Marcus, SyncApp supports this.

Should work by now.

We are going to start distributing new version of SyncApp in a couple of days. Before it will go to users on our waiting list or as update to our current users, we would like to show it to people on this forum. You helped us a lot in making the product better. We want to express our gratitude to you, by sending new version of SyncApp to you first. Please PM me with your email and I will send you a link to new build. Thank you for your help kos

We don't have a definite plans yet, but will come after SyncApp beta.

Vladimir, we had some fixes around CPU usage in next build that we will start distributing next week. At the same time Skype consumes 79% of CPU, which is quite a lot for a messenger

exactly.

Looks like a new deadline that we can't miss

https://help.github.com/articles/ignoring-files Next week we will start distributing new version

I don't have any update

It is used to detect cases when you have mounted or removable drives. I.e. if file is not in place, SyncApp doesn't performa any action on folder.

We will have it in SyncApp.

You are right.

We do talk about two different scenarios: 1. Tsu, was talking about the case, that someone will hit the same secret unintentionally. I.e. not trying to hack (brute-force) a specific account, but rather will hit the Secret that is already used by someone. In such a case you just hit the right combination. Google protection against of brute force won't help in such case. 2. Brute-force attack. We already have brute force protection on server, and maybe will add it to client later. However, using brute-force attack against of at least 21 bytes random key, that requires at least 20 ms to verify 1 combination, doesn't make any sense at all. Why Google introduced protection against of brute-force attack? Because users use passwords like "123", "password", "hello123". In this case, brute-force attack based on vocabulary is very effective. Developing login/password authentication is simple, everyone uses it and concept is well known to users. However it is so insecure, that we decided to go hard way and introduced concept of Secret to mass market. We would take time to explain any single security concern you might have. Secret approach is by far more secure than any login/password solution. It is in line with RSA private/public key authentication, which is a strongest authentication from a security perspective.

If you have Sync issue, then we are here to help you. Having right problem description and logs will mean that your problem will be fixed in a matter of hours. Just email us at syncapp@bittorrent.com and we will answer any question you might have. If you will do few steps in advance, that will help us significantly. Please note, that in most cases we will need logs from BOTH (!) machines. Step 0. Describe your problem Don't forget to describe your problem or put link to the forum post in your email. Step 1. Turn on Debug Logging. Windows: Shift + Right-click Sync icon in system tray and select "Enable Debug Logging". Mac: Shift-click on Sync icon in system tray and select "Enable Debug Logging". Linux: create file debug.txt with contents of FFFFFFFF in the .sync folder. You can find the .sync folder in the same directory where the btsync binary is located. If you are running binary in config mode, you'll need to put debug.txt into your storage folder. Step 2. Reproduce issue Please let Sync collect logs for at least 15 minutes to get enough information. Step 3. Attach log file to your email. Windows: %APPDATA%\BitTorrent Sync\sync.log and sync.log.old Mac: ~/Library/Application\ Support/BitTorrent\ Sync/sync.log and sync.log.old Linux: ./sync/sync.log and sync.log.old If you are running Sync in config mode, you'll need to put debug.txt into the defined storage folder.

A little bit more, for people who stay late

Consider this string uuuuuuuuuuPPPPPPPPPPP. This is 21 characters long alpha numerical string. What are the chances that if I randomly generate this string and will use it as uuuuuuuuuu@gmail.com with password PPPPPPPPPPP I will crack someones gmail account? Just think about email and password combination as one string. something like youremail@gmail.comAndHereGoesMyPassword I randomly generate this string and try to find a collision with someones gmail account. What are my chances? Cracking SyncApp secret significantly harder, since it uses all bits in byte, while gmail uses only letters, numbers and some special symbols, so it uses not all 8 bits. Since we removed limitation on Secret length, you could add email in front of 21 characters Secret and use it as your Secret, so people have to guess your email and Secret.

There is no service that guarantees uniqueness of private key that is used by certification authority, your bank, NASA, FBI, White House or any other organization. So how they could be sure that nobody will crack it in unlikely collision? And there are teams, organizations and countries that intentionally want to crack it. Without any luck, so far. SyncApp allows you to use your own key of any length. We are sure that key of 21 truly random bytes are enough, but you are free to use any key you want. One time password's goal is to avoid exposing secret to insecure media like emails or IM. So, if somebody will gett access to your email, he won't be able to reuse the one time password to connect to your computers. All security is based on the fact, that probability of discovering encryption key is so close to 0, so everyone could sleep at night But let me ask you a question. Assume person has less than 10 characters before @ in his gmail address, strongest possible password and it is 11 bytes. What will be easier to crack SyncApp secret or his Dropbox/Gmail/Bank account?

We are on schedule to have some great news for you soon. Just want to share something with you.

One time password - is shorter secret that could be used only once. When you generate OTP on one device it will wait till the first device is connected using this OTP, and then will provide full Secret to this device over secure channel. This way OTP password can be shorter, easier to enter, plus you could distribute it over IM or email, since it will become useless after first connection of device.

We are going to change the way Secret works in next build. We will: - remove restriction on the length; - will use base64, so all bits will be used - will introduce one time passwords to safely pass secret over insecure media.

Beginning of April. We decided to skip one update, since some of the features required more time than we originally planned.