Recommended Posts

Posted

It would be nice it I could use BTSync to provide (possibly temporary) upload facilities to others.

For example, I have a share Uploads on my server. When a customer wants to upload order data, I give him a temporary write-only secret. He connects the secret to a folder on a local system, and anything he puts in that folder will be synched to my Uploads. However, nothing will be synched back from the Uploads folder to the customer. Also, several customers could be using the Uploads folder simulataneously.

 

This can be done by the customer handing me a read-only secret of one of his folders, but for obvious reasons I want to be the initiating party.

Posted

Note: Re-posting this from the old Wishlist thread.

 

Feature request: New type of secret "Deposit"

 

Hello BitTorrent Sync Developement Team,

 

I think it would be very useful to implement a new kind of secret that allow a BitTorrent Sync user to accept upload of files from 3rd parties, without divulging the existing files in a share, and without the tedious management of multiple independent shares. Some may call this "one-way sync".

 

Here's how I think it could work:

1. Alice wants to upload some files to Bob

2. Bob already has a BTSync share called "Bob's Documents", and Bob decides that he doesn't want to create & manage yet another new share :)

3. Bob launches BTSync program on his computer, and go to "Bob's Documents" > "Show folder preferences". From there he obtains the "Deposit" secret. Bob advises Alice of the secret

4. Alice adds the secret to her BTSync app, pointing to a new empty folder called "Upload to Bob" on her computer
    !! Instead of downloading and seeing Bob's files, "Upload to Bob" folder remains empty regardless of Bob's activties

5. Alice copy files into "Upload to Bob"

6. On Bob's computer, a new subfolder called "From Alice's Work Laptop" (i.e. "From Device Name") is automatically created under "Bob's Documents". Alice's files are uploaded under this folder without affecting any existing files in "Bob's Documents"

7. A while later, Alice gets a notification from the BTSync program that all files have been transferred to "Bob's Computer"
    !! Alice can now safely move / delete all files in "Upload to Bob", without affecting any files on Bob's computer

8. Alice's files are also uploaded to all devices that share the full access / read-only secrets of "Bob's Documents" automatically. For example, "Bob's Backup Server" gets a copy of all files from Alice

 

9. After Bob has finished working with Alice's files, he can delete / move the files, or leave them in the share. Alice would not know about the fate of those files

 

10. Later, Bob can give Chloe his Deposit secret, and Chloe can start uploading files to "Bob's Documents/From Chloe's Work Computer/"


In other words, this is a "one-way" sync from Alice to Bob. In fact it's a very simple concept to grasp. It works almost exactly the same as the internet email system (Geez I think we are re-inventing emails!):

1. The "Deposit" secret is like your email address

2. Any one who know your "email address" can send you "mails" (upload files)

3. However, knowing the "email address" does not allow one to look into the contents of your "inbox" (Obviously)

4. There may be multiple people who know your "email address", but these people cannot know who has sent what "mails" to you. Users with the "Deposit" secret are isolated. Although the "Deposit" secret is the same, these users do not communicate / sync with each other.

5. Once the "mails" are delivered to your "inbox" they cannot be recalled / un-delivered. This is a true One-Way sync.

 

6. Once the "mails" are delivered the 2 copies of mails (files) are independent. It works the same way as email inbox and "Sent Mails" mailboxes in email programs. "Sent Mails" mailbox can be emptied frequently without affecting the delivered emails.

 

Besides the email analogy, an UNIX analogy would be a directory with the permission "733" ( drwx-wx-wx )

 

I hope you find my description of this "Deposit" secret useful :rolleyes:

 

One last thing, I think this "Deposit" secret can also be used to solve the "sync camera rolls on mobile devices" problem. Mobile devices can be linked to a share on computer using the "Deposit" secret. The "Deposit" secret can free the user from having to keep identical copies of photos in-sync on both the mobile devices and her computer. If either the mobile device or computer is about to run out of space, the photos can be deleted from mobile storage / move to a different hard disk without hassles.

Posted

I think it would be very useful to implement a new kind of secret that allow a BitTorrent Sync user to accept upload of files from 3rd parties, without divulging the existing files in a share, and without the tedious management of multiple independent shares. Some may call this "one-way sync".

Do you mean the same functionality that's already present in the form of "encrypted" nodes?

Posted

I don't quite think so. The relevant part is that 1) I am the originating party, and 2) the other participant can put files in the shared folder that are uploaded to my folder without him being able to see (and modify) what's already there.

Posted

No, it's not the same as encrypted secrets. Think of this idea as a secret that you can hand out to others (even strangers). Files are segregated between users of the "Deposit" secret.

I've outlined the modus operandi in details in my original post. I also wrote an "email address" analogy which I won't repeat here.

Here's a potential use case:

A tech startup is organising a design competition for the the 21st century's toaster. Being a startup on a shoestring, the organisers decided to let contestants submit their work using BitTorrent Sync. The organisers produced a poster for the competition, with a BTSync QR code printed on it. In a perfect world, it would be OK to print the normal BTSync full-access QR code. However, the world isn't perfect and there're problems with using a full-access secret:

1. Anyone can see everyone's files. That ensures endless arguments of who plagiarised whose design

2. Malicious users / vandals can easily modify / delete the files

With the "Deposit" secret, both problems are solved by complete segregation of files - contestants can't see other's files. Only the organisers have full access to all files.

Posted

I like the idea, but it needs more security than just the device name (which could easily be brute forced and then existing files could be overwritten). I would also like to see some sort of quota to restrict the upload size per device.

Posted (edited)

I can think to another use case for which this idea could be useful.

 

1. Bob uses BTSync on both his Laptop and on a Server.

2. Bob works mainly with his Laptop.

3. The Server is a secondary machine used exclusively as a backup.

4. Bob wants to share a folder with Alice.

5. Bob creates the secret for the folder on his Laptop ans sends it to Alice.

6. Alice is offline and when she receives the secret, Bob is offline. Alice is not able to sync the folder

 

The current solution to this problem is for Bob to create a shared folder with the same secret also on his Server (after step 5).

 

It would be nice to have an automatic sharing between Laptop and Server.

 

This is the idea.

 

A. Bob creates a special folder ONE on his Laptop and shares it with his Server by using a secret Secret_ONE

B. Bob creates on his Laptop a subfolder TWO, within folder ONE. This subfolder, together with its content, is synchronized with the Server (up to here, nothing new).

C. Bob shares folder TWO on his Laptop with Alice, by means of a newly generated secret Secret_TWO

D. The Server assigns to its copy of subfolder TWO the same secret Secret_TWO that Bob created on his Laptop (that is, special folder ONE synchronizes not only the files but also the secrets ...)

 

Now Alice can retrieve his copy of folder TWO even if Bob his offline, and Bob does not have apply the same secret on two machines (Laptop and Server) but only on his main machine (the Laptop)

Edited by cremones
Posted

So... your idea is just a workaround so you don't have to create folder two on the server yourself? Seems a bit involved to me, and it doesn't really have anything to do with the original proposal in this thread.

Posted

I fail to see how. The idea here is to have a type of secret that allows only uploading without access to the files already in the shared folder.

Your idea is to create shares automatically by putting the secret in a special file.

 

How are those two connected?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.