Smithers

@piotrnik, good point, I did not realise it did this. That's a big spanner then. CrayTo5 described the point far moreeloquently than I did, thanks! I guess on your suggestion CrayTo5, it would still be open to anonymous access which is something we're trying to avoid. Apologies, excuse my ignorance. Just thinking out aloud again, hoping to drop a few ideas for the Dev's to think about. I had another idea, which might not be possible as I don't understand completely the communications behind BitTorrent. Say each client generated a complete unique ID upon install, which hashes something unique on the hardware (say MAC?), this ID wouldn't change unlike a dynamic IP address. Then it's with this ID, that is transmitted with the initial connection, you could permit or deny who has access, much like you do with the IP ACL. I hope that makes sense!

Agreed but then how does one protect their files from anonymous access. Another possible method is the R or R/W keys are disabled completely and only the one time keys are useable. Just thinking out aloud really. There has to be a way (configurable) to disallow anonymous connectivity or aleat confirm that connectivity.

Absolutely, but firstly, I'm sadly not always at my computer so during those times it could happen, and secondly, even if I was on my machine the need to constantly check who's connected doesn't sound very efficient.

Hi all, BTSync allows you to share keys, which is great, but it would make more sense to have an additional confirmation when someone adds your key to their BTSync client. For example, I create a folder and share it. I share the key to 2 other people whom then add the key to their client, and It's at this point my BTSync client should confirm that someone wants to connect to the share. The reason I suggest this is, say the shared key gets into the wrong hands. All they have to do it add the key to their client and my files will sync with them without my knowledge, but if there was a confirmation I could either grant or deny them the access. Obviously this option should be configurable. I know I can lock down shares to IP address but I may not have access to those or that may be dynamic for the people I want to share with. Am I missing something here as this seems like a security issue, no? Cheers S

Hi all, Quick question really, one that I haven't been able to find an answer for yet, so hopefully you'll be able to help. Regarding the sharing keys for public folders, is there anyway that key can be traced back to the person sharing the key? Apologies if this question has been asked before. Thanks for your help. S