NeoXiD

Members
  • Content Count

    16
  • Joined

  • Last visited

  • Days Won

    2

About NeoXiD

  • Rank
    Member

Profile Information

  • Gender
    Male
  • Location
    Switzerland

Contact Methods

  • Jabber
    neoxid@ssxs.pw
  1. Hi Mike Thanks for your message. I only barely watched the development of Sync 2.0, as I've already guessed in the past that such things are probably going to happen. I had also written a statement about that on GitHub and stopped development altogether. They've introduced new protocols, a lot of reverse engineering would be needed and with Sync 2.0 it might get even more legally questionable if you start with bypassing pro-only restrictions. BitTorrent Inc. said in the past that they're going to tolerate my project for now and I'm not sure if they would still do so nowadays. I'd rather li
  2. > http://forum.bittorrent.com/topic/25855-release-own-tracker-for-usage-within-companies/
  3. That's not a tracker, these are static IPs. (And this feature isn't even implemented in the mobile applications...) And this might work if you've got around 3-4 clients and you own all of them... But what if you want to share some files with friends, coworkers, ...? Ask them for their IPs and update them all of the time? Request some dynamic DNS domains from them? That's clearly no tracker replacement. And I would also claim that a single computer which accepts incoming connections does not act as a relay server, otherwise this option would not be needed. Ofcourse, you can get some server whic
  4. You've mentioned another good point, thanks @CptDerp. owncloud isn't really an alternative imho and Tahoe-LAFS is a bit complicated. I've tested both of them already, but I didn't found something yet which is as simple and works out-of-the-box like BTSync does. But unfortunately it is very unlikely that BitTorrent Inc. will ever release BTSync as an open-source application, so we have to trust this 'blackbox' or just don't use it anymore. But truly some statements which are mentioned on their homepage are probably marketing bs and nobody can tell how secure BTSync really is.
  5. I've just posted a long thread about this, you can read it at http://forum.bittorrent.com/topic/26538-concerns-about-the-security-of-btsync/. It describes all the data which gets transfered and all possible security problems. For general use, you should be fine with BTSync, but always think carefully about trusting some closed-source softwares.
  6. Hello there I'm the developer of sync.io, a private tracker server made for BitTorrent Sync. This project is inofficial and not finished, but some people are already using it. To accomplish this project, I had to reverse engineer a lot of the used protocol and can therefore give you some details about the security of BitTorrent Sync. First of all, BTSync is not 100% private as it might be mentioned on some pages. Think about the following thing: You've got 5 clients, all with the same secret, located on some different networks worldwide. How do they find each other? They've got not chance w
  7. Sorry for that issue. I've just refactored huge amounts of Sync.IO, the code is now much more readable, structured and also includes more checks, so bad stuff like that should not happen again. Still, like for every node.js application, I can highly recommend forever, a node module which keeps a process up and running. (And restarts it, if some fatal should occur) Roadmap: Implement relay server support (a bit hard to test though), refactor the webinterface (code could be a bit more clean), implement a statistics page, find some better ways to use sync.io instead of messing around with DNS r
  8. Good news, a BitTorrent Inc. employee just confirmed that sync.io does not violate the Terms of Service. Therefore I will continue with this project as soon as I have some free time left.
  9. I do, although I do not have enough time to work actively on it. I had some first successful tries with a private relay server, but there are still some things to improve. Still waiting for an answer, contacted some employees, but it seems like they are all still enjoying their holidays
  10. Hm, I did not know that the protocol might be also affected by this ToS? I've understood that only reverse engineering the binary would be forbidden... Anyways, thanks for the hint @GreatMarko. I just wrote a private message to an BitTorrent employee and will freeze this project until these questions are resolved. Regards NeoXiD
  11. As lolcat said, the secret keys are not handled by an external server. A hash will be generated out of the secret key, which will be then used to announce the share at the tracker and search for other peers. Notice: sync.io does currently only support a private tracker server, you will still use the BitTorrent Sync Relay server for outgoing connections. (Means that if no direct connection can be established because of NAT, firewalls..., your data gets transfered over the relay server. Encrypted ofcourse) I am still reverse engineering the relay server protocol and I've already made some succ
  12. Thanks for the great feedback so far. If anyone wants to try it out without installing sync.io, they could also use http://ares.snapserv.net:4000 for testing purposes. To do this, one method would be overriding the DNS record for t.usyncapp.com and setting it to 176.9.229.90. Your share(s) should immediately pop up there as soon as you restart BTSync. Only use this for testing purposes, this tracker isn't always available. Right now I am working on a private relay server, which will be seamlessly integrated into sync.io. So far I achieved the first few things, so that featue should probably
  13. They announce a hash (identifies the share, will further analyze how it will be generated), their local IP and a unique peer identifier, which seems to be choosen randomly as soon as you start the application for the first time.Here's a link to my test environment: http://ares.snapserv.net:4000 You will see there what information gets published. Before anyone starts with messing around there, no sensitive data is stored on my test env.
  14. Hey there! First of all, I would like to say thanks to the developers of BitTorrent Sync. The application is fantastic and can handle large amounts of data. Although, there are some features missing: Own tracker and relay servers! We would have really loved to use BT Sync within our company, but without an own tracker and potentially relay server that's a no-go... So, I made some research and it seems like there isn't anything on the roadmap to make own trackers possible. That's why I've decided to start up Wireshark and analyze the tracker protocol. Soon I had all the necessary things toget
  15. As some other people already mentioned, thanks for the great work! I am currently using BTSync to sync 4 desktop clients - and it works like a charm. Unfortunately, there is one big feature missing in the mobile apps: Custom fixed port & predefined hosts - I was never using any "multicast detection", "trackers", "dht" oder whatever. I was always using predefined hosts, thats why I would need that feature in the mobile app. Please do not tell me to use "Search in LAN network" or how it is called, this feature does not work over VPN connections... Regards NeoXiD