Loris Chiocca

Adding encrypted folder shows weird confirmation

Recommended Posts

Hi,

I'm trying out the encrypted folder feature, which sound really great! There is just one thing that is troublesome. When adding an encrypted folder I first select the down arrow beside the "Add Folder" and select "Encrypted folder". I naturally select a folder that I want to back up encrypted on an unsecure server. After having selected the folder, I am prompted with a confirmation "Destination folder is not empty. Add anyway?". What exactly should this mean? Am I only supposed to select an empty folder?! I thought the idea was to be able to sync an existing folder to another destination but encrypted. Did I get something wrong?

Thanks for any reasoning

Loris

Share this post


Link to post
Share on other sites

"Destination folder is not empty. Add anyway?" simply alerts you to the fact that the folder you're adding already contains some content (which could be overwritten when the folder syncs with other devices)  - you can however still add the non-empty folder to Sync!

Share this post


Link to post
Share on other sites
9 hours ago, GreatMarko said:

"Destination folder is not empty. Add anyway?" simply alerts you to the fact that the folder you're adding already contains some content (which could be overwritten when the folder syncs with other devices)  - you can however still add the non-empty folder to Sync!

I guess what would be interesting to understand what actually happens when a non-empty folder is added - btsync doesn't give any explanation in the warning. Are existing files ignored; are they synced unencrypted; are they deleted; or what ? Similarly, if those existing files are then modified after the folder is set as an encrpted share - what then ?

When you say *could* be overwritten, in what circumstances might that occur - that would seem the most significant outcome people may be concerned about  ?

Thanks.

 

Share this post


Link to post
Share on other sites
11 hours ago, GreatMarko said:

"Destination folder is not empty. Add anyway?" simply alerts you to the fact that the folder you're adding already contains some content (which could be overwritten when the folder syncs with other devices)  - you can however still add the non-empty folder to Sync!

Well, the thing is, if I add a standard folder it doesn't ask me that confirmation. It only asks when I add an encrypted folder. It's more about UI consistency. Actually, the thing that bothers me the most about that warning is the word "destination". I'm choosing a *source* not a destination. This leads to questions that @PaulU correctly deducted.

The next thing that I find strange is that if I already have a standard folder (that is currently syncing on multiple machines), then it should be possible to add an encrypted target to that mesh. Currently I can only see the RO and RW keys. It would be really great if you could add a feature that "converts" a standard RW/RO keyset into a RW/RO/E keyset.

Share this post


Link to post
Share on other sites
On 2016-02-24 at 7:32 AM, Loris Chiocca said:

Well, the thing is, if I add a standard folder it doesn't ask me that confirmation. It only asks when I add an encrypted folder. It's more about UI consistency. Actually, the thing that bothers me the most about that warning is the word "destination". I'm choosing a *source* not a destination. This leads to questions that @PaulU correctly deducted.

The next thing that I find strange is that if I already have a standard folder (that is currently syncing on multiple machines), then it should be possible to add an encrypted target to that mesh. Currently I can only see the RO and RW keys. It would be really great if you could add a feature that "converts" a standard RW/RO keyset into a RW/RO/E keyset.

Never thought about the abscense of the warning on Desktops, but on my Android i always get a warning if the destination folder has content.

+1 it could be more clear what the outcome of merging dirs would be, maybe a 'questionmark' or something within the warning, which indeed should be consistent where applicable.

 

I too think it would be smooth if standard folder-type just evolved and got more features instead of us having to choose or re-create shares to enjoy new features like encryption, however you have to take backward compability into conscideration.

 

I suspect they're trying not to mess up for legacy versions too much. At some point it might be neccesarry to deal with it, like in a major update, but having users being forced to upgrade dozens of peers at the same time wouldnt be acceptable neither.

I've neither got insight in their dev.  nor am I a developer (since many years) so its merely a guess though :-p

 

Share this post


Link to post
Share on other sites

I have exactly the same situation as Loris. 

I have a folder that I want to make an encrypted backup elsewhere. I thought that the only thing I needed to do was, in the original computer, go to Sync UI select encrypted folder and then select the folder I want to backup encrypted elsewhere, but then I read Destination (?!) folder not empty. Add anyway?

 

Destination!? no!!! Source!!! And now Computer 2 sees no encrypted files of the original folder! Only when I add a new file to that orignal folder will I see an encrypted file on the folder on computer 2!

 

This is odd. Are we doing something wrong?

 

Please help!

Share this post


Link to post
Share on other sites

+1 same situation as nunocalaim and Loris

How is it possible restore an encrypted folder (for backup or other disaster)?
I have not found
options in the interface to do this and I have exactly the same problem as nunocalaim

 

Edited by fix00

Share this post


Link to post
Share on other sites

Hi all. It's a cosmetic bug. The "Destination folder not empty" message should only appear when you receive a link or key and order Sync to store data you are going to receive in non-empty folder. The message idea is to warn you that the data arriving will be merged with one in folder you select automatically. Therefore, some of your files in destination folder could be overwritten. Thanks for reporting.

@PaulU

Quote

Anyone in Sync support able to shine some light on this ?

With great pleasure. See above... and below :). Don't hesitate to ask if something is still unclear.

@nunocalaim

Quote

Destination!? no!!! Source!!! And now Computer 2 sees no encrypted files of the original folder! Only when I add a new file to that orignal folder will I see an encrypted file on the folder on computer 2!

It's peer-to-peer network. So, every source is a bit destination, too. If you add the same key on other peer, Sync may deliver files to something you consider to be "source".

@fix00

Quote

How is it possible restore an encrypted folder (for backup or other disaster)
I have not found in the interface options to do this and I have exactly the same problem as nunocalaim

Yes, it is possible - if you still have RW/RO key. For example, you've got a PC with RW key and VPS with Enc key. Data is synced fully to VPS. Now your PC crashes and wipes out all data (keep calm, its just a sample ;) ). To get data restored from Enc peer, you need to get any other computer, install Sync and put the RW or RO data there. VPS will start seeding data and populate empty folder on new computer.

@ivarson

Quote

I too think it would be smooth if standard folder-type just evolved and got more features instead of us having to choose or re-create shares to enjoy new features like encryption, however you have to take backward compability into conscideration.

Encrypted folders require significantly more resources than regular ones (even if you actually don't use the Enc secret, just RW and RO) - therefore we want user to understand what he is doing and don't want to make all folders "Encrypted" by default.

Share this post


Link to post
Share on other sites

Thanks for the reply RomanZ


my case is this:
PC1 (RW key) VPS1 (encrypt key), all synchronized, so everything is right
something goes wrong and dies PC1 and VPS1 but from this I pull out the encrypted folder intact.
I move the encrypted folder on VPS2 and connect the folder with encrypt key (the same as VPS1and obvious message "Destination folder is not empty. Add anyway?"
Finally setup PC2, with RW key the same as PC1


in the tests I've done, VPS2 does not transmit data to PC2, however, if PC2 adds a file works
Encrypted files in VPS2 are not erased and not even modified

there are limitations in this regard?
the encrypted folder must have the same name and the same position in different VPS?
it is necessary to wait and/or force rechecking?

ps. I used the same version for all peers

Share this post


Link to post
Share on other sites

@fix00 Your steps are okay, except where you migrate VPS1 to VPS2. The truth is that files are encrypted, and to calculate decryption key Sync needs 2 pieces of information:

  1. RO or RW key (encrypted won't fit here, obviously)
  2. Files database from encrypted peer.

So, when you migrate from VPS1 to VPS2 you also need to:

  1. Ensure that you copy not only your encrypted files, but also storage folder.
  2. Place Synced folders with exactly same paths they were on VPS1
  3. Run Sync in a way it picks up old storage folder.

In this case, Sync on VPS2 is going to seed your encrypted data as you expect.

Share this post


Link to post
Share on other sites

@RomanZ
Doing also storage folder backup it Works!
But.... there is no alternative to rebuild the "Files database"?

which is the "Files database"? I can only save this rather entire storage folder?
if I keep to synchronize "Files database" between VPS1 and VPS2 they can share the same encrypted folder?
(so that PC2 can draw from them VPS1 and VPS2 as two different and independent peer)

Edited by fix00

Share this post


Link to post
Share on other sites

@fix00 No, it can't be rebuild. Consider it has a piece of key for every file and folder, while second piece is RW or RO key. Killing DB kills one piece of key and files recovery becomes impossible.

Under "files database" I actually meant whole storage folder. Technically, keeping *.db and *.dat would be enough, but I never experimented in such way. In lab I always transferred whole storage folder which makes transfer from one VPS to another kind of "transparent" to your encrypted peer.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.