What does BTSync send to DHT or trackers?

trintoidz

By trintoidz
in Sync General Discussion

 Share

Recommended Posts

trintoidz New User

trintoidz

Posted
Posted

On http://labs.bittorre...technology.html it says

The tracker server sees the combination of SHA2(secret):ip:port and helps peers connect directly

What does BTSync send if my full access secret is AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA and I use tracker or DHT?

Does it send AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA or a SHA-256 or SHA-512 or another hash of that secret?

I've turned of the relay server, because I don't want all my files stored on other peoples server, but if it sends the regular secret without hashing it the trackers can just add that to their BTSync client and get the files from me.

What does the URL look like? I know how the trackers work on regular BitTorrent Clients, so I'm curious what BTSync sends where.

And what tracker does BTSync use? Can you choose yourself?

Link to comment
Share on other sites
vtc New User

vtc

Posted
Posted

Agree, this is also a concern to me. If those guys who run trackers can see all my folder hashes, they can just add my hashes to their BTSync clients and steal all my files. If it really operates in such a way, BTSync is not a secure product at all, and only suitable for public data distribution.

Link to comment
Share on other sites
trintoidz New User

trintoidz

Posted
  • Author
Posted

Before accusing anyone, why not taking a look for yourselves with tools like Wireshark http://www.wireshark.org/download.html ?

I have not had time to do it, but I am certain you can take a peek at the payloads being sent etc.

I'm not accusing them. I was hoping they sent a hash, and not the actual secret.

And you won't see much interesting with Wireshark if they use SSL, and BTSync looks really thought through...

The tracker will see a SHA of your secret (not the secret itself), your IP address and port number.

You can disable the use of the tracker in the folder preferences ("Use Tracker Server").

Thanks. I'm fine with that.

_______________________

So what tracker does it use?

Do BitTorrent, Inc. host it, or do they use regular public trackers?

Is it just one tracker, or a list of multiple trackers?

Link to comment
Share on other sites
peter.m.calloway Member

peter.m.calloway

Posted
Posted

So what tracker does it use?

Do BitTorrent, Inc. host it, or do they use regular public trackers?

Is it just one tracker, or a list of multiple trackers?

As far as I know, the tracker is hosted by BitTorrent (with the help of Amazon EC2 according to my own investigation ?)

Maybe some one from BiT could confirm or disconfirm that.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing