LordVonPS3

Members
  • Posts

    2
  • Joined

  • Last visited

LordVonPS3's Achievements

New User

New User (1/3)

  1. I'd like to make the following suggestion. BTSync should require a 2nd secret (e.g. 32+ chars complex string or perhaps a simple 6 digit PIN code) when first connecting to an existing secret / client pool and impose a 5 attempt limit. Failing to enter secret #2 correctly five times would result in all secret #1 sharing clients adding the requester's IP address to an indefinite blocklist for that shared folder / secret #1. To facilitate this, some hidden, plain-text blocklist file could be shared between clients, meaning any client(s) could remove an IP (or all IPs) if some mistake were made.
  2. In summary: 1. A "secret" really amounts to an address. BitTorrent has neglected to install a front door at each address. 2. There is a threat from botnets, hackers & anyone who cares enough to write a script. How many bots are there in a botnet? How many addresses are inhabited today - and in the future? Is there potentially a pattern to secret generating that may be spotted which isn't currently obvious? On the one hand - yes it really would be astronomically "unlucky" for *you* to be robbed - even though *you* is plural. Should that unlucky day arrive for someone - it may be a shame there was no front door to close. I'd like to make the following 2 suggestions. 1) Add a "Lock / Open" facility. When users are happy with a client network setup any connected client user should be able to click a "Lock / Open" button to lock the network. When locked, BTSync should not permit any more clients on that share (i.e. simply ignore any new IP requests to sync). Clicking the button again will allow new clients to connect to the shared folder. To do this, each new BTSync client will probably need some sort of local folder specific GUID - with all other known connected clients being listed on a shared GUID list. Only listed GUIDs would be synced with. 2) BTSync should require a 2nd secret (32+ chars) when first connecting to an existing secret / client pool. Failing to enter secret #2 correctly five times would result in all secret #1 sharing clients blocking the requester's IP address indefinitely. Some hidden, plain-text IP blacklist file would be shared between clients. Any client(s) can therefore remove an IP (or all IPs).