Serious Security Concern: New Devices Should Require Approval

[gurkesaft]

Currently it seems if someone steals (or guesses) one of your codes, they can hop onto the cloud with your devices and start stealing your files. Their device will obviously appear in the list, but if you don't check the list constantly and see it right away, the damage is already done.

Is this correct?

Guessing a code is low odds, but I could imagine "trollers" using many computers to continuously try different keys until one works. The odds of this will increase as there are more users but this threat should always be pretty minimal.

It will always be easy to steal a key, however! Anyone could look at my laptop if it is unattended for a moment and steal a key without me knowing.

One solution: Require some form of approval from one of the computers already sharing the folder. This way random people couldn't ever hack in without your knowing. It would also deter key stealing and trollers.

Is this possible?

Thanks again for the great program!

[gurkesaft]

More discussion on this:

[GreatMarko]

More discussion on this:

http://forum.bittorr...quire-approval/

Hmmm.... you've linked back to this thread!!?

[coewar]

I was thinking similar thing. An option to allow that might be good. One of the tabs maybe could be listing "pending clients" that need approval.

Related to that, a default option for the folders not to be accessible via the tracker/relay/LAN search/who knows how this works options.

[Harold Feit]

There are already enough topics on the security of BitTorrent Sync that you should have used one of them.

This thread is being closed because you tried to do a circular reference.