kos13

Sync: Security Is Our Highest Priority

Recommended Posts

BitTorrent Sync remains the most secure and private way to to move data between two or more devices. And for good reason, we’ve built it that way. Rigorous third-party security audits have been conducted to verify the product’s security architecture, validated by the attached report.

 

But we take questions about Sync’s security very seriously. Recently a post on Hackito from a group of tech enthusiasts speculated on possible security implementation for Sync. We’ve gone through the claims made on Hackito and after reviewing it in full, we do not feel there is any cause for concern.

 

To address the main points made in the study’s conclusion:

 

- Folder hashes are not the folder key (secret). They are used to discover other peers with the same folder. The hashes cannot be used to obtain access to the folder; it is just a way to discover the IP addresses of devices with the same folder. Hashes also cannot be guessed; it is a 160 bit number, which means that it is cryptographically impossible to guess the hash of a specific folder.

 

-Links make use of standard public key cryptography to enable direct and secure key exchange between peers. The link itself cannot be used for decrypting the communication as it only contains the public keys of the machines involved in the exchange. After a direct connection is established (the user can verify that by comparing the certificate fingerprint for both peers) Sync will pass the folder key over an encrypted channel for the other peer. In addition, the public key and the folder hash appear after the # sign in the URL, which means that all modern browsers won’t even send this to the server. Additional features have been implemented to further secure the key exchange using links, including (1) the links automatically expire within 3 days (set as default) and (2) explicit approval is required by the inviting peer before any key exchange takes place (also set as a default).

 

- We host a tracker server for peer discovery; the tracker is only there to enable peers to find each other. It is not a part of the folder exchange. As mentioned earlier, the hashes cannot be used to obtain access to a folder.

 

- Sync security is completely dependent on client-side implementation. The public infrastructure is there to enable better connectivity and a more user-friendly folder sharing experience. Compromising the public infrastructure cannot impact the security of Sync

 

- Like with any other solution, the user needs to secure access to their machines using proper passwords, proper firewall configuration, and the like. Should an attacker gain root or physical access to the machine, it can modify any element of the attacked system. This is not an issue with Sync, but basic security protocol.

 

We’ve been talking with the folks who posted on Hackito to clarify these issues. We’re sure they had the best of intentions with this exercise, but as they have stated, their review was not a professional assessment. As always, we welcome and appreciate a responsible discussion on security.

 

 

 

K.  Lissounov

BitTorrent Sync General Manager

 

SyncSecurityAudit.jpg

Share this post


Link to post
Share on other sites

Your whole response can be summarized as "trust us," which I don't.  My private data is too important to be left to closed source.  Moved on to syncthing a while back, and I encourage others to do likewise.

Share this post


Link to post
Share on other sites
Guest proactiveservices

I am used to reading technical reports in English when the author is not a native speaker. It can make text seem unprofessional and inarticulate, but over the years I have overcome this bias and I like to think I am a good judge of such texts.

 

The entire article struck me as being vague, hasty and written to grab headlines. It was littered with assumptions, fallacies and blatant guesswork! The authors did not even know how BitTorrent Sync works - and I mean the concepts - yet still came up with a list of "security problems".

 

BitTorrent has succinctly put across a similar analysis by explaining the terminology and concepts that Sync uses. This shows that most of the article was factually incorrect and renders moot the alarmist opinions drawn from it. Show me some facts and I will be worried. Until that point I am not in the least bit moved.

Share this post


Link to post
Share on other sites

Seriously, you guys should sue this clueless bunch of clowns into oblivion. The damage to your reputation is already done as they've been quoted by several "prominent" websites. Unless they're all underage that is, which wouldn't surprise me given their lack of ability to grasp the most basic (well documented) technical concepts behind the BitTorrent Sync and cryptography in general. My first reaction after reading just a headline for these "news" was "some loser mistook the hashed secret for an actual secret" and, sure enough, that is exactly the case. However sad, this could well mean the death of Sync. Don't let it slide. What a useless bunch of arrogant, uneducated punks; I hate those types with passion.

Share this post


Link to post
Share on other sites

Top comment on the Hacker News thread:

 

> BitTorrent Sync remains the most secure and private way to to move data between two or more devices.

That very first sentence will always be false as long as it isn't open source. (Even the protocol isn't publicly documented, last I checked.) I'm not an open-source purist, but the way they always promote as being the most secure, private option out there while completely ignoring that fact is frustrating.

I haven't tried using it, but Pulse[0] appears to be an open source replacement for BitTorrent Sync. I figure it's relevant to this thread.

[0]: https://ind.ie/pulse/

EDIT: ef4 mentioned Syncthing in his comment. Pulse was forked from Syncthing. I think they're still compatible with each other at the moment. Nice explanation at https://discourse.syncthing.net/t/syncthing-is-still-syncthi....

 

I love BT Sync, and will most likely continue to use it, but the author has a point. As long as the implementation details remain unpublished, it's impossible to verify your claims. Therefore, the people for whom security is a 100% matter, not a 99% matter, best choose a solution that allows, and can withstand, scrutiny.

Share this post


Link to post
Share on other sites

> the people for whom security is a 100% matter, not a 99% matter, best choose a solution that allows, and can withstand, scrutiny.

 

Oh, please. Just stop.

 

(I apologize in advance because this is me writing when I'm tired and a little more cranky than usual. Please don't take any of this personally.)

 

100% security is a lie. It's a myth. It doesn't exist.

 

Open Source does not mean 100% secure (See `bash` and `openssl` for recent examples.).

 

It's an unfounded lie that keeps getting repeated because it's an attractive myth among a certain group of people who have a lot of choices for open source software, but always want to attack closed source software as being Not Good Enough.

 

(Not that they'd be willing to _pay_ for an open source program, of course, because "freedom" means never having to pay anyone to write flawless software.)

 

I assume that the Hackito post was some combination of an attempt to grab some headlines and attention while spreading FUD about a closed source program in some ill-conceived attempt at pressuring the BitTorrent Sync developers to open source their app.

 

 

As for Pulse, they have an FAQ:

 

> Why is the setup so complicated in comparison to BTSync?

> https://pulse-forum.ind.ie/t/why-is-the-setup-so-complicated-in-comparison-to-btsync/444

>

> Security over convenience.

 
There you go. If you want security over convenience, you have an option available. Lots of options, in fact.
 
(Is it, in fact, more secure? Chances are good that you don't know, because you haven't looked at the source, but you might assume that other people have, and so it's more secure because more eyes have looked at it. Except, of course, for the bash and openssl counter-examples. And those are just the most recent ones.)
 
If you want 100% security, encrypt the hard drive, disconnect the power from the computer, and lock it away in a bank vault.

 

</rant>

 

Now I'm off to replenish my caffeine supplies.

 

 

 

Share this post


Link to post
Share on other sites

All

First time poster - please be gentle with me.

I've used BTS for a while, and fully appreciate the resources that must have gone in to this solution, at the back of my mind I've always wondered why the software code hasn't been available for the community elders to review? I would have thought many eyes are better than a few pairs? Through this, surely the usual lifecycle of bugs and improvements can be processed at incredible speed?

On my own install of a few NAS units, a Mac and 2 Windows pc's I've noticed the software tries to http connect to websites at random intervals completely unrelated to BTS?

Also, and this is probably me being picky, I noticed the letter didn't have a date on it?

 

 

Edited: Letter date, not test date

Edited by btsyncdaz

Share this post


Link to post
Share on other sites

Also, and this is probably me being picky, I noticed the letter didn't have a date on it?

"During the weeks of July 14 and 21, 2014 .... BitTorrent Sync applied generally accepted cryptographic practices in the design and implementation Sync 1.4 as of July 2014"

Share this post


Link to post
Share on other sites

I was wondering if you plan on releasing more parts of the report done by iSECPartners? Maybe just redacting the proprietary stuff. I'm more interested in how the Transport encryption is being implimented in memory and also the encryption for the remote storage created using the Encrypted Key. It would be interested to read iSECPartners opinions on these things.

 

Thanks.

Share this post


Link to post
Share on other sites

We released everything that we are allowed to release in accordance with iSec agreement. 

 

BTW, iSec is the company that will do professional security audit of TrueCrypt.

Share this post


Link to post
Share on other sites

Unlikely that BT is purposely going to burn a (successful) product like btsync

  • that could mark computer history
  • when content distribution is a booming business
  • when NSA wiretapping is still hotly debated
  • with enterprise market in mind

just for a naive and superficial approach to security.

Share this post


Link to post
Share on other sites
Bittorrent Sync: Security Is Our Highest Priority

 

 

​Yet you chose not to replicate file permissions across platforms?

So files and folders with strict security permissions are replicated without any permissions what so ever facepalm.gif  

Share this post


Link to post
Share on other sites
I can't see much benefit in the new "link" approval system in terms of security.

If anybody is able to harvest my key by any means they still have access to ALL my data without restrictions.

The approval has to happen when the peer first tries to access the sync folder with the master key regardless of how the key was obtained.

 

For example: 

- the more people write tools around the BTSync API the more we'll have to provide our keys which makes them easy to harvest and without any access control the data is vulnerable.

- on some NAS devices they are unofficial distributions of BTSync. How easy would it be to keep track of all the master keys users enter and then access their data?

- I'm sure there are plenty of other ways to get keys

 

Here a couple more discussion regarding the topic:



 

Once this is fixed I'd love to really embrace BTSync.

 

Thanks,

Patrick

Share this post


Link to post
Share on other sites

​Yet you chose not to replicate file permissions across platforms?

So files and folders with strict security permissions are replicated without any permissions what so ever facepalm.gif  

 

It was an interesting discussion a while back, but let me explain why it wasn't solvable in 1.x releases. First of all you will need to synchronize file uid/gid together with permissions. Which might be fine, if there are two machines that are owned by you and you are guarantee that users/groups are identical between these machines. Majority of users will not be able to do that and this will lead to a complete mess. And keep in mind Linux -> Win/MAC synchronization. 

 

This was simple usability problem, rather than technical. 

 

I can't see much benefit in the new "link" approval system in terms of security.
 

 

Links solves two problems:

 - Eliminate need of transferring keys over insecure media such as e-mails.

 - Better usability for first time users. Now I could share folders with my mother :) Which doesn't sound like a big security thing, however I am sure she won't be able to handle folder keys properly and might expose it. So this is a security improvement too.

 - Links were a first step towards new certificate based model, that is fully implemented in Sync 2.0. This model gives us granular control over permissions with the ability to revoke and change it on the fly. 

 

kos

Share this post


Link to post
Share on other sites

If security is your number one priority devise a system that doesn't allow anyone to see others IP addresses! Why would anyone want to share a file using bittorrent sync when their IP address is revealed?

 

Yeah, brilliant idea! Let's make the bunch of computers directly sharing stuff between each other not know any other's IP address!

That's genius, why haven't I thought of that? Let's just make them exchange the data through the central server, like Dropbox! Oh, wait...

Share this post


Link to post
Share on other sites

If security is your number one priority devise a system that doesn't allow anyone to see others IP addresses! Why would anyone want to share a file using bittorrent sync when their IP address is revealed?

 

Yeah, brilliant idea! Let's make the bunch of computers directly sharing stuff between each other not know any other's IP address!

That's genius, why haven't I thought of that? Let's just make them exchange the data through the central server, like Dropbox! Oh, wait...

 

IP addresses and peer data could be encrypted with a derived key, like the ENC-RO key. That's just one idea.

Share this post


Link to post
Share on other sites

It was an interesting discussion a while back, but let me explain why it wasn't solvable in 1.x releases. First of all you will need to synchronize file uid/gid together with permissions. Which might be fine, if there are two machines that are owned by you and you are guarantee that users/groups are identical between these machines. Majority of users will not be able to do that and this will lead to a complete mess. And keep in mind Linux -> Win/MAC synchronization. 

 

This was simple usability problem, rather than technical. 

 

kos

 

Hi Kos, are you suggesting this has been resolved with 2.x?

Share this post


Link to post
Share on other sites

Without opensource implementation open to general peer review talks about security are just a matter of trust, which by default is "do not trust corporations", are there any plans on releasing opensource version or protocol details so that somebody could implement a client?

Share this post


Link to post
Share on other sites

BitTorrent Sync remains the most secure and private way to to move data between two or more devices. And for good reason, we’ve built it that way. Rigorous third-party security audits have been conducted to verify the product’s security architecture, validated by the attached report.

It is great to read that security is your highest priority.

For me, as a customer, it is crucial to know that btsync 1) does what it is supposed to do, and 2) never does something it is not supposed to do. We can do extensive testing on the first topic, but not on the second topic. Does btsync contain backdoors? Will it leak my precious data to some foreign server? We don't now, and we cannot know.

Security is our highest priority as well. Are you going to publish reports of rigorous third-party security audits that address these concerns? Reports that include the checksums and/or GPG signatures of the downloadable binaries that correspond to the audited sources?

Share this post


Link to post
Share on other sites

BitTorrent Sync remains the most secure and private way to to move data between two or more devices.

 

No it is not. Syncthing [1] is more secure. With syncthing you need to explicitly authorize every peer and allow access to every folder you want to share with them. They need to authorize you as well. It is not convenient but is more secure then BTSync - where all you need is to know the secret and then you have access to files. Secrets can leak e.g. while in transfer - sending by email, chat etc.

 

Syncthing does not suffer this problem, therefore it is more secure than BTSync. So, the first sentence is not true.

 

Furthemore many of your claims cannot be validated, you just need to be trusted. For example, users of BTSync cannot be sure, that when NSA would come to you, you would not be able to compromise something. With Syncthing which is opensource and uses open source protocol and does not need to use any public parts to discovery etc. The Syncthing remains the most secure and private way to share files, not BTSync.

 

[Removed link - RomanZ]

Edited by RomanZ
Removed advertisement link

Share this post


Link to post
Share on other sites

@urza

Let me comment out.

[...] where all you need is to know the secret and then you have access to files. [...]

It is not true starting from version 1.4. Sync v1.4 can generate a link which requires explicit approval from resource owner to actually share the key. You can see this article for more details on how it works. Sync 2.0 has even more advanced protection and no longer operates key, but uses X.509 certificates instead and can revoke access to already existing share.

 

Furthemore many of your claims cannot be validated, you just need to be trusted.

At the end of day open source also has to be trusted: vast majority of users have no skills to verify what was written by devs. As well, majority of developers have no security verification / penetration testing skills to verify that code is secure and ensure that no other devs managed to deploy a well-hidden backdoor.

A heartbleed vulnerability in OpenSSL would be a good sample here.

 

Also, as topic states - security is really our top priority. To ensure that Sync is implemented in a secure way, BitTorrent passed a security audit by 3rd party company (iSEC Partners). So yes, BitTorrent Sync is secure application.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now