goli

Everything posted by goli

  1. http://www.youtube.com/watch?v=L6Q4IRg73AI This for sure isn't meant that way, but that's what I thought when reading this. The most important thing for me has already been mentioned: Known hosts/predefined hosts. My company's network configuration blocks tracker servers and DHT, so node discovery isn't possible. And I'm pretty sure that's the case for most of the companies out there and even for public WiFi such as e.g. when being at Starbucks. Because my company's WiFi connects to another IP subnet than the wired computers are in, broadcast isn't possible, too. So when being at my office, the only choice I have is to turn WiFi off and do synchronization through my mobile data connection. Kind regards, Stephan.
  2. Sparkleshare has *lots* of drawbacks. I just moved from Sparkleshare to btsync because Sparkleshare is not usable, imho. File system encoding often creates clumsy file names when the original one contains umlauts. This sometimes results in several versions of the very same file, each one more iteration through utf8_decode. Huge repositories often crash either the local process or the git server. I have 8GB of MP3 files, ~4MB each. I simply cannot connect another Windows host to this Sparkleshare drive since the underlying git process always runs into memory limits or stack overflows (that's what the log says). All nodes always have the complete version history of a repository, which usually requires the disk space twice. My 8GB of MP3 are stored in a 16GB Sparkleshare folder. That's pretty much a showstopper when you try to connect a mobile phone. The idea behind Sparkleshare is really awesome, but the daily business use case doesn't fit. You usually don't need version history back to the very beginning. For most file types you actually don't need any version history. And the internal mechanism of GIT always taking care of the complete text of binary content of the repository as a whole ("GIT tracks content, not files") makes everything bigger than a certain size really painful. And on top of that: Sparkleshare isn't peer to peer. GIT is, if you do different remotes. But that's not how Sparkleshare works. Sparkleshare only allows for a single remote per repository, which isn't peer to peer but a single central server. Until now, the current state of btsync fits my need for a synchronization tool way better than Sparkleshare. Regards, Stephan.
  3. Hi himselv. I'm aware of the fact that btsync uses transport encryption. I didn't dig into this, which would be very difficult due to the closed source stuff. But I really hope that they do not only encrypt payload file contents. I hope it is kind of an unencrypted protocol for transmission and having commonly known TLS wrapped around. That's transparent, easy to handle, proven to be secure and used in that exact way everywhere all over the place. And if it's done the way I hope, then there simply is no encrypted file content block that can be stored, cached and reused. Having TLS wrapping a plain unencrypted protocol means skipping the encryption completely destroys delta syncs or comparing indexes and file hashes. It completely destroys the whole sync mechanism. This post should not be against any kind of block encryption and encrypt-only secrets. It's just an explanation why I think it's not an easy task to simply "skip the encryption function on the encrypt-only nodes". I really do want encrypt-only nodes. Having nodes that only hold, say, 4MB chunks and an encrypted indexing table that don't allow for any kind of reconstruction or file guessing would be awesome. But I think that's completely different than the current mechanism and therefore really unlikely to be implemented. Regards, Stephan.
  4. Then I guess you're screwed. Sorry dude. Go grab your backup if you have one. If you don't have backups, then you might have lost 168GB of data. To name the kind of corruptness: They are *incomplete*. One of your hosts decided to be the one with the latest versions, the other decided to be the one that needs to receive the files. Unfortunately that was the wrong way. Maybe you have incorrect time zone settings? As long as you don't activate the debugging feature by hand (by placing a file called "debug.txt" containing "FFFF" into your ".sync" folder. Obviously something you couldn't have done accidentally), the content of the log file is close to useless. Since your files are corrupt now, activating debug log might not provide any information. But anyhow: You could at least activate debugging (you need to restart btsync after adding the debug file), drop a new file into the shared folder and see what happens. I'm interested in knowing if each and every file you add gets corrupted, too, or if it's related to the initial synchronization process that did something wrong. But again: I fear that nothing you do will bring you back your files. Regards, Stephan.
  5. Hey there. What you really want to have is selective synchronization, which has been requested several times (in the wishlist thread, mostly). But I only know about replies saying selective sync is for mobile devices. My android app can do selective sync, my desktop app can't. I don't know if there are any plans to add selective synchronization to the desktop version, too. But currently it is not possible. To explain why you need selective sync and why every other situation can not be handled properly: The current state does automatically synchronize the shared folder completely. So you need to keep your shared folder as clean as possible, to have only files in there that are synchronized across all of your computers. Starting a download isn't something you can do as the requesting computer. Currently the providing computer needs to add the new file to its local shared folder, which makes btsync upload the file to all connected nodes. And that's the problem: Then the computer that adds the file to its local shared folder is the only uploading node. It's not having doubled speed but having half the speed, because you share the uploader's capacity with the other active node. What you really want is: Both active computers should copy the file you want to have to their individual shared folders simultaneously. Then both uploading nodes start to synchronize the file (they index it, detect having the same file with different modification times and set both to the latest time; hopefully) and upload it to you afterwards. But that's obviously not a feasible process. You definitively need to wait and hope for selective synchronization for desktop apps. Kind regards, Stephan.
  6. Did your btsync process delete the original files without any notice or might it just have moved them to the .SyncArchive folder? If you didn't disable versioning and archiving, that's what I would expect. So have a look at your .SyncArchive folder. Kind regards, Stephan.
  7. You should start debug-logging and have a look at the log file. I would guess you created some loops with LAN discovery, Port mapping and static UDP port allocation and UPNP. Kind regards, Stephan.
  8. Hey there. Don't get me wrong. I do see the request for embedded encryption. But that's not a point to avoid and disqualify EncFS completely. I tried to combine both here in the wishlist thread: Pretty much as you, Peter, I requested encrypted-only secrets ... or rather I supported another guy requesting this. On top of plain "please give us encrypted nodes" I tried to request and explain: It would be pretty nice, if btsync supported EncFS compatible encryption; If btsync would behave according to EncFS protocol when doing encrypted-only synchronization. I don't know if it's this thread or another, but somebody already explained that EncFS has basically two modes of operation. The first one uses encrypted files on a file system level and presents the unencrypted content virtually as a mount. The second one does it the other way around. Files are unencrypted on your file system but presented virtually as an encrypted mount. The second mode is obviously much faster than the first one because usual file access doesn't go through encryption. Only the syncing part would access the encrypted virtual mount. And here is where my suggestion kicks in: Maybe it's possible to have the btsync app use the EncFS library to do on-the-fly encryption of data right before the data is sent out. On my local machine, btsync behaves like it does currently. We add an "encrypted-only secret". If a node connects with an "encrypted-only" secret, my local computer does EncFS protocol like encryption of file contents before sending it to the remote host. Done. This would allow for a couple of things: It's kind of reviewable, because the EncFS protocol is open. So there's no problem to check whether btsync does encryption in a secure way or not.
If there are platforms where EncFS is not available, not part of btsync or maybe even if there is any situation where no btsync at all is available when accessing a previously synced folder (I'm thinking about access to backups of encrypt-only folders), the unencrypted stuff can still be recovered. There's not so much performance overhead during regular heavy file access compared to underlying file system level based encryption. This would allow for a paranoid start and migration to less paranoid. I could start with EncFS as a virtual file system level encryption and put btsync on top of it. Just like explained a couple of posts ago. And in a couple of months, as soon as I discover that EncFS on windows isn't as stable as I thought, I could just press the "migrate to less paranoid EncFS" button, import the EncFS configuration file into btsync on my local computer, and from here on all other nodes do act as "encrypted-only" nodes without the need to retransmit hundreds of GB of files again to my other nodes. Especially the performance overhead thing is a point, imho. Think about virtual machine hdd files. VMDK for VMware, if you want. Those keep the file system busy constantly. If there's file system level encryption (If I drop my VMs into an EncFS folder), constant encryption is necessary. I have VMs that keep my HDD 60MB/s for several hours. If the encryption is not on a file system level but a part of btsync then there is no need to encrypt data as often as possible but only when synchronization is going on. Therefore the btsync is required to have consistent index data for both, the encrypted and unencrypted version of a file. So: I do see the need for an integrated encryption. But nevertheless I do want to have it based on a commonly known standard as well. And I suggest EncFS because of its advantages for single file encryption and its availability as an implementation as compiled ready to use application but not only as a C function.
This is basically what I tried to request with my wishlist post. And of course, that's something I would pay a couple of beers, too. I don't know how much. To go for 100€ or more per license It would *require* to be transparent, imho. Kind regards, Stephan.
  9. Hey there. As I just wrote here, I go for EncFS too and I like it pretty much. Using TrueCrypt has the great disadvantage that you can only rely on consistent synchronization for dismounted containers. Think about leaving the office at night. You need to dismount the TrueCrypt container first and wait for synchronization. Depending on the amount of stuff you did during the day, this can take several minutes. EncFS only provides virtual decrypted views on files, so changes on files go directly to the encrypted file and trigger btsync to synchronize immediately. And the shift problem with EncFS is even more unimportant than it is with TrueCrypt. Think about several small files with a few KB each. Add them to TrueCrypt, which likely makes TrueCrypt spread them (I don't know about the balancing algorithm of TrueCrypt in Detail, but that's basically what goes on here) through the container. It tries to avoid fragmentation and it tries to keep as much as concurrent space as possible. Several small files being magnitudes smaller than $btsyncBlockSize added to TrueCrypt creates almost as much single changed fragments inside of the TrueCrypt container as you added files. Say, 10 files with 4KB each (create empty files just to have placeholders for something) might create 10*$btsyncBlockSize to be synchronized. Add 10 little files to EncFS and you will get 10 encrypted files that are almost as little as the original ones, which is far away from 10*$btsyncBlockSize. If you don't add several small files but simply change existing ones that are smaller than $btsyncBlockSize require you to synchronize those $numberOfFiles*$btsyncBlockSize when using TrueCrypt, but only require you to synchronize $numberOfFiles*$individualAverageFileSize. If your manipulated files are bigger than $btsyncBlockSize, then TrueCrypt and EncFS require you to synchronize pretty much the same amount of data.
So, EncFS comes in pretty handy if your modified files are usually smaller than the $btsyncBlockSize. If your modified files are usually bigger, it should be pretty much the same. I know that the math is a little bit more difficult, since both have kind of independent block cyphers with a defined block size and I know that EncFS for small files (smaller than $EncFSBlockSize) behaves almost like a stream cypher. But that's nothing to worry about here, since it doesn't influence the math in a noticeable way. And, as written in the other thread, it works pretty well on all the platforms I use. Kind regards, Stephan.
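The block arithmetic from the post above, worked through as an added example (not part of the original post): it counts which sync blocks a set of writes touches inside one container file and compares that with re-sending each encrypted file on its own. The 4 MiB block size, the 8-byte per-file overhead and the two container layouts are assumptions chosen for illustration.

```python
"""Added example: bytes to re-sync for a container file vs. per-file encryption.

Assumptions (not from the post): a 4 MiB sync block size and an 8-byte
per-file overhead. The model follows the post: a container is one big file
synced in fixed-size blocks, while per-file encryption yields one ciphertext
file per plaintext file of almost the same size.
"""

KIB = 1024
MIB = 1024 * KIB
SYNC_BLOCK = 4 * MIB       # assumed value for $btsyncBlockSize
PER_FILE_OVERHEAD = 8      # assumed "few bytes of metadata" per encrypted file


def dirty_blocks(writes, block_size=SYNC_BLOCK):
    """Return the indexes of all sync blocks touched by (offset, length) writes."""
    touched = set()
    for offset, length in writes:
        if length <= 0:
            continue
        first = offset // block_size
        last = (offset + length - 1) // block_size
        touched.update(range(first, last + 1))
    return touched


def container_sync_bytes(writes, block_size=SYNC_BLOCK):
    """Container model: every touched block is re-sent in full."""
    return len(dirty_blocks(writes, block_size)) * block_size


def per_file_sync_bytes(sizes, overhead=PER_FILE_OVERHEAD):
    """Per-file model: each changed file is re-sent at roughly its own size."""
    return sum(size + overhead for size in sizes)


def scattered(sizes, stride):
    """Place file i at offset i * stride inside the container (spread out)."""
    return [(i * stride, size) for i, size in enumerate(sizes)]


def packed(sizes):
    """Place the files back to back at the start of the container."""
    writes, offset = [], 0
    for size in sizes:
        writes.append((offset, size))
        offset += size
    return writes


def compare(sizes, stride):
    """Return the cost in bytes of each model for one set of changed files."""
    return {
        "container_scattered": container_sync_bytes(scattered(sizes, stride)),
        "container_packed": container_sync_bytes(packed(sizes)),
        "per_file": per_file_sync_bytes(sizes),
    }


if __name__ == "__main__":
    small = [4 * KIB] * 10     # the post's ten 4 KB files
    large = [10 * MIB]         # one file larger than a sync block
    for label, sizes in (("10 x 4 KiB", small), ("1 x 10 MiB", large)):
        costs = compare(sizes, stride=16 * MIB)
        print(label, {k: f"{v / MIB:.2f} MiB" for k, v in costs.items()})
```

The scattered layout is the worst case behind the post's "might create 10*$btsyncBlockSize"; the packed layout shows the best case a container can reach for the same ten files.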
  10. Hey there. As someone already wrote: I go for EncFS, which works pretty well. The path "/var/storage/encrypted" contains all encrypted data, which is plain file system stuff. The path "/var/storage/encrypted/ljwsvhuasflkh1" could be the encrypted path name for my "music". Plain file system stuff here, too. The path "/var/storage/encrypted/quihsgdnhuiaqef3" could be the encrypted path name for my "documents", and plain file system stuff once again. EncFS mounts and decrypts "/var/storage/encrypted" to "/var/storage/decrypted", through EncFS it's kind of virtually. That means "/var/storage/decrypted/music" is the decrypted version of "/var/storage/encrypted/ljwsvhuasflkh1". And that means "/var/storage/decrypted/private" is the decrypted version of "/var/storage/encrypted/quihsgdnhuiaqef3". Now btsync kicks in. It uses "/var/storage/encrypted/ljwsvhuasflkh1" as my first sync/share. And it uses "/var/storage/encrypted/quihsgdnhuiaqef3" as my second share. The advantages of this setup are: If my device gets lost (say, stolen), my data is as secure as a lost device could be. Whoever finds it can access encrypted data only. He might have access to my sync secrets, but that doesn't give him access to unencrypted data. I use only a single encrypting base ("/var/storage/encrypted") with a single password. But I have different syncs in there, which allows e.g. my personal computers to use all of my syncs, where my office computer only syncs the "private" share. I can setup backup/seeding nodes just by renting a cheap and semi-trusted vps somewhere. As long as I only set the btsync config without adding the EncFS config, the backup/seeding node does not have access to unencrypted data. The encryption configuration file (I think it's called encfs.xml or something) is not part of the synchronized data. To setup the encfs part to a new node, I don't have to simply type in the password in an EncFS prompt but I need to manually copy the configuration file first.
That's kind of even more security on top, since the encrypted data isn't "fully self-contained". EncFS is available for Linux, Unix, MacOS, Windows and Android. I don't know if there is something for iOS. I don't think so, since iOS doesn't provide file system level to applications. So this setup might not work with iOS. But that's not a blocker for me. The encrypted data contains as many files as the unencrypted folder has, and each encrypted file has an equivalent decrypted file with almost the same size (adding a few bytes of metadata, but not worth talking about it). This results in very small files to be transferred and no (noticeable) block shift problem. I don't have to rely on btsync's closed source encryption feature only. No offense to the owners, it's a pretty nice tool. But with btsync having only access to encrypted data created by open source EncFS makes me sleep even better. In the early days of btsync, I thought about "man, would be pretty nice if btsync would be able to make transparent EncFS internally". But as of my current state of knowledge and worldview, I like keeping file system level encryption and device synchronization in different products more than having a single closed source product handling all my personal data. The only disadvantage I see here is: Plain btsync doesn't see unencrypted file names, so on-demand syncing on android devices is kind of impossible. You never know if /var/storage/encrypted/sdfljwregs/sdolkgw3lhfsd/sdlfknwef/sdfsdfsd is the song you want to listen to or just the android ".nomedia" file indicating that this particular folder should not be added to Android's media index. But that's O.K. for me, I simply put all my syncs to "automatic synchronization". There are a few little API things that would improve my btsync setup, such as "execute a command line tool as soon as the first remote finishes syncing". But their absence definitively doesn't make it unusable. Regards, Stephan.
  11. I don't get that expression. If it's my spelling, that's mostly because my German android keyboard layout did clumsy things to my words. Unfortunately I was on my way through "no mobile data zones" through the US, so I wasn't able to correct my stuff right after I discovered those multiple misspellings. If you don't mean just the word spelling, please tell me what I did wrong. Using a VPN isn't exactly what I should have to do. Btsync claims to have encrypted data on the wire, so it should only be discovered like "there's some bittorrent protocol here", the actual data should be safe. That's what I read from "Private and Secure" at http://labs.bittorre...ents/sync.html. And: Using a VPN isn't exactly what btsync is designed for. Think about me being at a rental office box in New York and a colleague of mine being at another rental office box in San Francisco. What kind of VPN do you expect us to use? Our common VPN server in Germany? I hope not, since distributed meshed stuff is *exactly* what btsync is for. Better make a strong in-protocol encryption than weakening the whole idea behind btsync. If we should use a central VPN we could use rsync or Windows offline folders, or whatever. Of course, as long as it's *real* sensitive data (business critical stuff with strong NDAs) I don't put it in any cloud based solution. But that's not the point here. Maybe using a VPN here comes in as a real solution if it's possible to force btsync to pass all its traffic through a VPN, although the VPN isn't the default gateway. Then I could think about putting a VPN endpoint in every datacenter around the world for me and all of my colleagues and use them on demand. But this idea should be handled with care. What about iPhone and Android devices? It can be really tricky to make them go through VPN. I know that there are OpenVPN, PPTP, TincVPN and other VPN solutions for Android. But I don't know if they are easy going on iPhone.
IMHO there should be not-traceable "only use known hosts" connections for this exact situation. And here is another thing that goes hand in hand with my "allow different connection profiles per whatever Windows uses to determine network locations": The parameter "use dedicated communication interface" should be part of this. Would be great if btsync uses my US outbound VPN gateway (or whatever VPN solution I decide to use) whenever I'm in Starbucks or hotels, but not when I'm at my US offices. Kind regards, Stephan.
  12. Hey there. I just discovered kind of a show stopper. As a guest in a hotel's wifi, they banned my laptop a couple of seconds after its boot due to file sharing usage, which was forbidden by their terms of service. I would suggest something like different network profiles. If I am correct, Windows has different network behavior settings (such as firewall configuration) based on the default gateway's MAC address. I would love to see tracker and networks usage based on such profiles, with a default one that either pops a message to decide the actual configuration or only uses static hosts. So my current wish: Different setting profiles based on "whatever Windows uses". Kind regards, Stephan.
  13. Here are two additional points: Somebody else already mentioned that sync options "Use relay server if required", "Use tracker server", "Search LAN" and "DHT Network" are missing. It seems that currently only "Use tracker server" is active. All of my hosts that have never been set to "Use tracker server" are not connecting, although they have "Search LAN" enabled. The QR code photo button is misplaced on my S2. Only its lower ~3px are visible, which is less than the space between the QR code photo button and the "OK" button. Kind regards, Stephan.
  14. Hey there. Here's my first impression. I'm using the android version on a Cyanogenmod driven Samsung Galaxy S2. No GUI issues. Even those things I would have done the other way around look like they are designed this way. My mobile device's computer name is more limited than the computer names of Windows and Linux clients. My Windows and Linux clients have names with between 24 and 31 characters. I love to use fqdn here since I expect to sync lots of machines. My mobile phone seems to be limited to 20 characters. Would be nice to be able to decide per folder if I want automated synchronization or on-demand. Automated should be variable polling time to avoid mobile phones that are awake constantly. Let's say "every x minutes" and "every time I open the app". Would be really nice to have polling intervals different for battery and power-cord powered devices, since when I'm at work and the phone is plugged in to the docking station, synchronization can be easily done every 5 minutes, where when I'm on the road polling might be completely unnecessary. If we're on the polling thing: Would be nice if I could bring my files into a download priority. There are some files, let's say a keepass file, that need to be as recent as possible. Others (music, e.g.) isn't that necessary for me. So synchronization priority is the thing here. My windows device shows that my mobile phone is syncing currently. It says "88.7MB" and shows an arrow pointing bottom-up. But my phone isn't syncing, it's just not up to date. But since it does not sync automatically, the indicator is plain wrong. Or: This can be a bug. Maybe the phone *should* sync automatically but doesn't. Synchronization on demand by clicking on a file name on the "remote" tab works quite well. After having taken a photo of the QR code and after the share is configured, I would expect to have a notification popup saying "new sync XYZ configured".
When I did the procedure with the first share I didn't notice that it's completed because it didn't take half of a second to complete. So I took three or four photos of the very same QR code until I realized that the sync is already active. Would be nice to know which devices are connected. Currently it only shows "3 devices online". When I'm at my office, there's different subnets for wireless and wired computers. There's even different subnets for different wired computers due to security reasons. And there's different firewall configurations between internal subnets and between one subnet and the internet. I really don't know which device can connect to which TCP or UDP port. So the list of connected device names is missing currently -- as well as having individual synchronization state indicators for individual remote hosts. When clicking the trashcan button on my mobile device, it says "Remove the folder". This sounds really dangerous, since it could stand for "delete content from the file system as well". I would suggest to have three buttons here: "Cancel (keep sync)", "Unlink sync but keep file system content" and "Remove sync and delete files as well". I'm not sure if the "delete files as well" button should lead to an additional "really" neg. To give a little hint about my setup: I currently have two shares. One contains "music", which is plain filled with binary MP3 files. Another one is "private". It contains private stuff, such as keepass files or ssh keys. The private folder is EncFS encrypted, I just do synchronize the encrypted stuff. Selecting each single file to be synchronized here is pointless because the file names are several random characters. I simply do not know which file contains which content from inside of the btsync app. But all in all: Feels nice, especially as it's the very first public version. Kind regards, Stephan.
  15. Hey there. I would like to have two CLI arguments: "btsync --last-completed-synchronization $folder" I've written some startup scripts that trigger some tools and wait for mounts to appear, e.g. TrueCrypt, Samba and so on. Would be nice to have a tool in place which tells me when a specific sync folder was completely in sync. Usually having folders in sync for 4h or more I must wait because synchronization will start in a couple of seconds. "btsync --block-until-next-synchronization-finishes $folder" In addition to the use case above, I would call this command and expect it to wait just as long as the next synchronization job for the given folder is completed. If there is no synchronization task running currently, it should still wait since the next synchronization run will start in a couple of seconds. The thing I want to achieve as a CLI task (to run as bash on linux or batch on windows) like "sleep until the given folder was synchronized less than 4h ago". Having a simple "execute task something as soon as synchronization is completed" would require me to implement a polling loop in bash and batch, so having an in-place wait would be really nice here. Regards, Stephan.
  16. Ah, here's another one. Could you please show version numbers on your public download page on http://labs.bittorrent.com/experiments/sync.html#downloadpop?
  17. Hey there. Currently I'm syncing EncFS encrypted stuff. The main reason is to be able to have out source sync destinations, such as a cheap VPS or a NAS located at one of my friends home. This means: Having verbose synchronization notification popups isn't very useful, because all file names are something like 24 random characters. So here's my suggestion: Allow to adjust level of verbosity for the "show notification for complete downloads" feature. Would be nice if I could adjust this per sync share, which would allow to have both at the same time: EncFS syncs and unencrypted syncs. I'm thinking about those levels: High: Shows "File $fileName synchronization completed." for each file. Low: Shows "Finished synchronization of $numberOfDocuments" as soon as all currently connected devices are in sync. Disable: Does not show any popups. Maybe the notification policy could be changed to something even more flexible. Show "Start synchronization of $numberOfDocuments" as checkbox. Show "Finished synchronization of $numberOfDocuments" as checkbox. Show "Start synchronization of $fileName" as checkbox. Show "File $fileName synchronization completed" as checkbox. Kind regards, Stephan.
  18. Hey there. I had the very same experience with 1.0.132, 1.0.134 and 1.1.12 all on Ubuntu 12.04. I do not want to have btsync run as root, but I want to have it a static port below 1024, using the "listening_port" parameter in the json format config file. As long as the binary does not have the privilege to do so ("setcap 'cap_net_bind_service=+ep' /opt/btsync/btsync"), the btsync process keeps using 100% cpu forever. No single line in the extended debug log indicates that. It finishes indexing. And it seems to allocate other ports instead and syncing with other hosts works just fine. But there are two things that should be mentioned somehow: The critical one is: The process does not stop using 100% CPU. The not critical one is: Of course the process does not allocate the specified port. I would expect the command line tool to completely stop working (kill) and making some exception note about not being able to open the socket inside the debug log. Sorry again for having opened a thread for reporting. Kind regards, Stephan.
  19. Ah, didn't notice that "if you have sync app issues" contains bug posts as well. I'll post there. Could someone please close and delete this thread instead? Sorry for opening. I just thought "if you have sync app issues" only provides information how to debug.
  20. Hey there. Is there a bug tracker I currently don't know? Or is there a dedicated bug sub forum? I'm perfectly fine with moving this statement there. I had the very same experience with 1.0.132, 1.0.134 and 1.1.12 all on Ubuntu 12.04. I do not want to have btsync run as root, but I want to have it a static port below 1024, using the "listening_port" parameter in the json format config file. As long as the binary does not have the privilege to do so ("setcap 'cap_net_bind_service=+ep' /opt/btsync/btsync"), the btsync process keeps using 100% cpu forever. No single line in the extended debug log indicates that. It finishes indexing. And it seems to allocate other ports instead and syncing with other hosts works just fine. But there are two things that should be mentioned somehow: The critical one is: The process does not stop using 100% CPU. The not critical one is: Of course the process does not allocate the specified port. I would expect the command line tool to completely stop working (kill) and making some exception note about not being able to open the socket inside the debug log. Kind regards, Stephan.
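The behaviour this report and the identical one in post 18 ask for, sketched as an added example (not btsync code, which is closed source): a listener that treats a failed bind on the configured port as fatal, logs the reason and exits non-zero, with no silent fallback to another port and no retry loop. The function names, the log wording and the use of a TCP socket are assumptions for illustration.

```python
"""Added example: fail fast when the configured listening port cannot be bound."""
import errno
import logging
import socket
import sys

log = logging.getLogger("listener")

# Operator hints per errno. The setcap line is the one quoted in the post.
HINTS = {
    errno.EACCES: (
        "permission denied; ports below 1024 need root or the "
        "cap_net_bind_service file capability, e.g. "
        "setcap 'cap_net_bind_service=+ep' /opt/btsync/btsync"
    ),
    errno.EADDRINUSE: "another process already listens on this address and port",
    errno.EADDRNOTAVAIL: "the configured address is not assigned to any interface",
}


class BindFailure(Exception):
    """Raised when the configured port cannot be opened."""

    def __init__(self, host, port, err):
        self.host, self.port, self.errno = host, port, err
        self.hint = HINTS.get(err, errno.errorcode.get(err, "unknown error"))
        super().__init__(f"cannot bind {host}:{port}: {self.hint}")


def open_listener(port, host="0.0.0.0"):
    """Bind and listen on exactly the requested port, or raise BindFailure."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        sock.bind((host, port))
        sock.listen()
    except OSError as exc:
        sock.close()  # release the descriptor before reporting the failure
        raise BindFailure(host, port, exc.errno) from exc
    return sock


def run(port, host="0.0.0.0"):
    """Return a process exit code: 0 if the listener opened, 1 on bind failure."""
    try:
        sock = open_listener(port, host)
    except BindFailure as failure:
        # One log line with the cause, then stop: the operator sees why the
        # service is down instead of a process that keeps running degraded.
        log.error("%s", failure)
        return 1
    log.info("listening on %s:%d", *sock.getsockname())
    sock.close()
    return 0


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    sys.exit(run(int(sys.argv[1]) if len(sys.argv) > 1 else 80))
```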
  21. Hey there. I would really love to see btsync use IPv6. Some of the locations my computers are located provide native routed IPv6 addresses for each computer but only a single NAT IPv4 address against the internet. Often the IPv4 NAT connection does not allow UPNP, so relaying is required. Having IPv6 would be really nice. Kind regards, Stephan.
  22. Hey there. I'm a full service hosting provider. My customer projects are stored in GIT and I use a deployment script that creates per-version folders on my webserver, changes apache vhost configs (actually, only changes symlinks the vhost points to) and reloads a webserver. This mechanism works well for deploying new code to my webserver. Sometimes I need to download file system changes or database changes from the public webserver to my development environment. I would like to make the "user files" folder of the webspace (the folder that does not contain code or templates but user generated files like images or PDF files) a btsync to have it synchronized with my local development environment all the time. Of course I want to use read-only secrets to make sure not to make "content drive by deployment" by accidentally changing content files on my dev setup. In addition to this: Some of my webservers in my data center host intranet setups for companies with divisions world wide. Currently I synchronize the formerly mentioned "user files" folders (which contain several tens of GB) from my data center webservers to local webservers at my customers offices with rsync. Maybe this can be changed to btsync, which would eliminate some delay caused by cronjob rsyncing. Kind regards, Stephan.
  23. Public links: Would be great to have this as a plugin or something. I really don't want my personal computer to open a TCP UPNP port through my NAT firewall just to share a single file to somebody else. And: Usually I use those "copy public link" mechanisms of e.g. dropbox in e-mails, sometimes in mailing lists and newsgroups. I don't want to keep my laptop powered on and online, which would be required to make this public link available. Instead, I can think of a dedicated simplified share-only webserver module running "somewhere". The local "copy public link" mechanism could push a one-time secret to the share-only webserver module and make the webserver download this file. The public link would not point to my laptop but to this share-only webserver. There could be a tiny btsync instance running on an ordinary webserver that gets "per file secrets", loads dedicated files from my computer and just writes them to the local file system. Maybe the "per file secret" instance could be implemented in PHP or something, which would allow to use a really cheap small space webhoster as publishing proxy. Restrict listeners to dedicated interfaces: I'm running a cheap VPS having a couple of GB of space. This VPS comes with two IPv4 IP addresses and as many IPv6 IP addresses as I want. Each additional IPv6 address is for free, each additional IPv4 address costs $2 a month. I don't want the btsync process bind to all of my IP addresses. There's really no need for this. Especially because I want the service use common ports that remain untouched by the most of hotel NAT firewall routers, such as 53 or 80, I just don't want btsync to block *:80 but only eth3:80. Rename foreign nodes locally: My computers are called "computer.internal.mydomain.de", "server.internal.mydomain.de", "cheapvps.mydomain.de" etc. Then I added two computers at my company, which are named "desktop.internal.mycompany.de" and "laptop.internal.mycompany.de".
Now I'm sharing a sync with a friend who calls his computers "black" and "white" because that's their colors. And I'm sharing another sync with another friend who calls his computers some other crazy names. I want to be able to rename connected computers locally. Block foreign nodes: I run a couple of computers at my network and it doesn't make sense to have them all-way sync. Especially because currently the all-way sync seams to be somehow broken (but I will open another thread for this later). Think about this (as a current situation): Available computers are: computer1.home, computer2.home, server.home, computer1.comany, computer2.company, server.company. *.home is wired by 1GBit cable *.company/s is wired by 1GBit/s cable *.home to *.company can upload with ~0.5MBit/s *.company to *.home can upload with 10MBit/s I want to be able to (in addition to the upper configuration) set something like this: computer1.home is restricted to only sync with server.home computer2.home is restricted to only sync with server.home computer1.company is restricted to only sync with server.company computer2.company is restricted to only sync with server.company I know that this conflicts with the p2p thought. But because the sync is always done with the highest priority through local network in the first place, I can simply switch off my computer1 and computer2 as soon as they are completed. The servers sync themselfs in another step. The current situation I have looks like this: My computer1 starts syncing with "all" of the nodes at the same time, and it's completely random which node finishes sync as the first one. Very ofen my computer1.home starts syncing with all nodes at the same time and computer2.company is the first node that completes syncing, after ~60 seconds even if it's only a 20KB text file. Only using LAN here isn't enough, because all computers (except the servers) are laptop and might be moved to other places like hotels or cafes. 
So LAN sync only isn't exactly what I want. I would suggest something like three restrincting levels: sync with everybody sharing the same secret, except a couple of non-sync nodes the user can select in a configuration menu sync with nobody execpt a couple of sync nodes (sharing the same secret, of course) the user can select in a configuration menu each time a new node wants to sync, the local user has to select if sync or no-sync. That's a little bit like security level of some desktop firewalls I know. Kind regards, Stephan.
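The three restriction levels proposed in the post above, worked through for its home/company host names, as an added example that is not part of the original post and not a btsync feature. The mode names and functions are hypothetical; the sketch assumes a pair of nodes syncs only when each side's local policy admits the other, and that the "ask" level denies until the user approves.

```python
from collections import deque
from itertools import combinations

# Hypothetical names for the three proposed levels (not btsync settings).
ALL_EXCEPT, NONE_EXCEPT, ASK = "all_except", "none_except", "ask"

def allows(policy, peer, approved=frozenset()):
    """Return True if one node's local policy admits `peer`."""
    mode, names = policy
    if mode == ALL_EXCEPT:      # level 1: everybody except listed nodes
        return peer not in names
    if mode == NONE_EXCEPT:     # level 2: nobody except listed nodes
        return peer in names
    if mode == ASK:             # level 3: denied until the user approves
        return peer in approved
    raise ValueError(f"unknown mode: {mode}")

def effective_links(policies):
    """A pair syncs only if each side's policy admits the other."""
    return {frozenset((a, b)) for a, b in combinations(sorted(policies), 2)
            if allows(policies[a], b) and allows(policies[b], a)}

def reachable(policies, start):
    """Nodes that changes made on `start` can eventually reach."""
    links = effective_links(policies)
    seen, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        for link in links:
            if node in link:
                (other,) = link - {node}
                if other not in seen:
                    seen.add(other)
                    queue.append(other)
    return seen

def laptop(server):
    return (NONE_EXCEPT, {server})

# Constructed policy table using the host names from the post.
POLICIES = {
    "computer1.home": laptop("server.home"),
    "computer2.home": laptop("server.home"),
    "server.home": (ALL_EXCEPT, set()),
    "computer1.company": laptop("server.company"),
    "computer2.company": laptop("server.company"),
    "server.company": (ALL_EXCEPT, set()),
}

if __name__ == "__main__":
    for link in sorted(sorted(l) for l in effective_links(POLICIES)):
        print(" <-> ".join(link))
    print(sorted(reachable(POLICIES, "computer1.home")))
```

With these policies only five links remain and every node is still reachable through the two servers; blocking one server on the other splits the share into two islands, which is the misconfiguration to check for.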
  24. Reply. I just got the confirmation mail of the automated registration process. Now I'm looking forward to testing the first steps of the mobile version.
  25. Couple with inline EncFS algorithm. Hey there. Some others have asked for "encrypted only secrets". I second this, but I want to slightly modify this. I'm thinking of a second step of security.

      Level 1: Sync with default secrets, have them either read, write or one-time.
      Level 2: Use EncFS algorithms (and add a valid EncFS configuration XML) to have only EncFS encrypted data going over the wire.

      The things this would achieve:

      * It's a reviewable and commonly known encryption format.
      * I can have both, completely trusted and instantly encrypted nodes and per-use encrypted ones.

      Let me explain my last point. I have a private computer. I have complete and unique control over its hardware, so I can use e.g. hard drive encryption and my data is safe. I can use the "encrypt instantly" mode, my private data can be stored unencrypted in my btsync directory because the hard drive encryption does encryption itself.

      I have another computer which is provided by my company and controlled by some administrators. They allow me to use btsync, but they do have physical access to the computer and are allowed to decrypt everything on it since the Windows directory encryption key is some Active Directory property. So I'm not the only one having access to my home dir. Here I would use the read/write secret and install WinEncFS on top of it. Now I can mount the decrypted folder on demand, the file system values are encrypted all the time.

      And there might be something like a hosted VPS (there are cheap ones for a couple of dollars per month that provide 25-50GB of storage) which can act as an always-on server. This one gets the "read/write" secret -- but I will never type in the EncFS secret here.

      And that's my point: I would add two hook points "post-persist/pre-submit" (when the file system change is detected, right before the synchronization to other nodes takes place) and "post-receive/pre-persist" (when there is incoming data from other nodes, just before it's written to my file system) that do inline encryption and decryption, using the EncFS standard. Maybe this one can be extended to "add such hooks, just like GIT has". But my main point is the encryption here, not the hook API.

      Kind regards, Stephan.