• Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by Zbig

  1. And how exaclty, Roman? No, seriously, I have already wasted quite some time on that to no avail. After starting the Sync for the first time on my new laptop, it creates a new identity from the get go. Then, when I try to apply my license file by double-clicking on it, the "new" user steals the license so it reverts to Sync Free on all the other devices. Honestly guys, have you actually tried it after you came up with this "simplified" process? EDIT: Ok, so the only way for an existing paying customer to reconnect to his existing identity from a new installation is to activate trial and then re-apply the license-file. You have to fix it and fast, unless you want to piss off your existing users in droves.
  2. If security is your number one priority devise a system that doesn't allow anyone to see others IP addresses! Why would anyone want to share a file using bittorrent sync when their IP address is revealed? Yeah, brilliant idea! Let's make the bunch of computers directly sharing stuff between each other not know any other's IP address! That's genius, why haven't I thought of that? Let's just make them exchange the data through the central server, like Dropbox! Oh, wait...
  3. Seriously, you guys should sue this clueless bunch of clowns into oblivion. The damage to your reputation is already done as they've been quoted by several "prominent" websites. Unless they're all underage that is, which wouldn't surprise me given their lack of ability to grasp the most basic (well documented) technical concepts behind the BitTorrent Sync and cryptography in general. My first reaction after reading just a headline for these "news" was "some loser mistook the hashed secret for an actual secret" and, sure enough, that is exactly the case. However sad, this could well mean the death of Sync. Don't let it slide. What a useless bunch of arrogant, uneducated punks; I hate those types with passion.
  4. Guys, you had all the time in the world to study the OpenSSL sources and prevent the whole Heartbleed fiasco. Have you? My opinion is, the kids screaming for everything to be open-sourced the loudest, are rarely the ones giving actual valuable and educated input once given the chance to. They usually demand to open source everything possible on principle and then sit and wait for someone to do the actual analysis. Are you all experienced coders and cryptography experts willing to dedicate your time and resources to audit someone else's non-trivial code properly? If not, what makes you think just skimming through the source will give you peace of mind? Or perhaps you somehow think there's gonna be lots of void secret_backdoor(int secretNSAnumber) all over the place? Would you be able to conclusively prove the compiled binaries are indeed generated from the source you're looking at? By the tone of your posts I somehow doubt you're all mature, experienced security experts, so why not just chill out, not use the thing if it doesn't fit your world outlook and leave the devs and their product alone?
  5. This one has already been talked here over and over. Once you have the data, you have the data, there's just no point in introducing an elaborate level of key viewing rights just to make unauthorized relaying of the data further this tiny little bit more inconvenient. Hint: would that stop you from just creating your own "sub-cloud" from the very same folder (or just sharing it using one of the metric gazillion of other ways, for that matter)?
  6. Same here. To me is looks like some race condition/thread congestion/deadlock/whatever. It seems to pop-up randomly on one of my systems. It happens for some files, seemingly at random, then these same files get processed properly after quitting and re-running the application. Rinse and repeat and it eventually syncs all of the files.
  7. And what about the opposite situation: when file gets deleted from server1. Does this deletion propagate to server2 as well? What about other files which happen to exist in the synced directory on server2 (read-only) node but not on the originating (server1) node? Will it delete everything it finds there which doesn't have its counterpart on server1?
  8. It's great that the folder rescan time is now configurable as of 1.1.15 but I'd very much like to see that as a per-folder instead of the global setting. For instance, I wouldn't mind if it rescans the folder stored on my system SSD every 10 minutes as it never goes to sleep anyway and being up to date is a priority there. For my media library stored on external HDD array, on the other hand, I'd set it to rescan not more often than, say, 12 hours as it takes painfully long time to wake the thing up and I don't mind at all being few hours behind with this data.
  9. I'm not administrator on this site and I'm telling you that you sound ridiculous. And rude. You've been given a free tool to try. Then you come to their forum and try to "threaten" them to opensource it or else they won't have the honour of you using it. Don't want to be put through a "security nightmare"? Guess what: you don't have to. It's as simple as walking away. Not everything will be open source and not everything has to be open source. And it's not for you to tell them what to do with their intellectual property. Deal with it.
  10. And why should we care, exactly?
  11. You've just provided one of the many valid reasons why data synchronization shouldn't be confused with data backup. BTSync is a great and exciting data synchronization software but what you need for backing up your data is a dedicated backup solution. I, for one, use CrashPlan.
  12. CrasPlan* gives you both on-site and off-site backup, encryption, deduplication and versioning in one maintenance-less package. There's no need to rediscover the wheel unless you're dead set on rolling your own backup system Keep in mind though, that most probably you'll end up with a solution inferior to the one professionally developed especially with this goal in mind. *)I'm not affiliated with them in any way; just a happy user.
  13. jpc82, you're not using the right tool for the job. Data synchronization and backup are two different things. What if your parents just delete their files accidentally or their system gets infected and does the same? BTSync will just dutifully replicate all the changes, intended or not, to your PC. Granted, you could always just cross your fingers and take a dive in the BTSync Trash folder but what you really need is a proper backup solution like CrashPlan. You can back your parents' stuff up either to the cloud (for a fee) or to your own PC (for free), with proper versioning and all. Don't get me wrong, I'm really excited about BTSync and looking forward to use it in various scenarios but it's a data sharing and replication tool, not a backup solution.
  14. I got your point, but it all boils down to not trusting someone with your data and granting him full read-write access to the very same data at the same time. You just don't have any chance to get this "right".
  15. Unless your account doesn't have admin rights. It does then.
  16. AFAIR, when you give a one-time read-only code to someone, they don't see the full (master) key in the UI. Anyway, if you're concerned with giving someone an access to some data and then worrying what they could do with it, maybe you shouldn't have given it in the first place? After all, even when unable to invite others to the BTSync cloud, he or she can burn the data to CD-Rs, e-mail it to friends, print it in the newspaper, create their own BTSync cloud... you get the idea What you have in mind is called DRM and is little out of scope of the data sync tool
  17. Good news, BTSync uses 4MB blocks and as kos13 from the BitTorrent team stated on this forum, it supports TrueCrypt containers well (due to the data patterns not changing their position within the file).
  18. I think if you'd been given a read-only secret, you cannot actually see it in plain text anywhere in the client. This, combined with a one-time, read-only secret, provides some reasonable level of security as this way you don't get to see the "master" key at any time. Anyway, look at it from a different perspective: Even if there was a very fine and granular access management system with personal, user-bound and tightly controlled keys, what stops the malicious user from spawning another "cloud" pointing at the very same folder and giving the key to it to whomever they fancy? ;-) Okay, maybe there are some minor technical difficulties like the .Sync metadata folders already there but the bottom line is if someone has write access to your stuff and is determined to do something nasty, there's little you can do about it. BTW, you can actually change a secret, denying access to all the currently synced nodes until they update the secret in their clients.
  19. Are you aware of the one-time secret feature?
  20. I'm aware of the directory rescan happening every 10 minutes but I'm pretty sure what I see (and hear) is constant, low-volume "trickle" transfers every second or so, more or less corresponding to the MFT activity I see in the Resource Monitor. More like constant "pinging" / polling than short bursts I'd normally expect while rescanning the folder.
  21. That's great, thank you. Furthermore, whenever Sync is running, there is constant disk activity preventing my external storage box from entering the "sleep" state. I can actually hear the HDDs "chatter" every few seconds or so and I'm positive it's actually Sync causing that. Could this be the effect of the realtime file change monitoring functionality? I also have another software offering such feature (CrashPlan) and apparently they're doing it differently - my Drobo device goes to sleep when inactive as it's supposed to despite being monitored for filesystem changes.
  22. Hi, I'm on Windows 8 x64, BitTorrent Sync 1.0.116. While running the program, I've noticed some disk activity in the Resource Monitor I'm not sure I understand. From the Resource Monitor output it looks like BTSync.exe is constantly writing to my drive's MFT which doesn't seem to make all that much sense to me. If it's really doing it then why? Or maybe it's just some Resource Monitor / Windows API glitch and/or limitation and what it really does is reading MFT (polling it for file changes?). OTOH, the same seems to be the case when running chkdsk in read-only mode - the MFT operations are being reported as writes despite it's obviously the reads which actually happens. Anyone care to shed some light on this? Regards Zbig