kvv213 Posted April 1, 2016 Report Share Posted April 1, 2016 Hello Everyone! I'm thinking about securing usage of BTSync. Encrypted folders are superb but there is a lack of security. It is not in the manual but every instance of BTSync organizes a folder with name .SyncUser with numbers. This folder contains very sensitive information... It contains the keys! Imagine that you are using Synology or Windows. You installed BTSync, set it up, set some encrypted folders, use BitLocker or eCryptFS for your sensitive folders and think that everything is very secure. But.... But the problem is in the process how and where BTSync stores the keys and other core information. It stores that at .SyncUser forlder folders and files. For example, under Windows that folder locates at AppData\Roaming\BitTorrent Sync. And by default this folder is not protected with BitLocker (moverover most of the users don't understand where the BTSync is installed at all). The same thing with Synology or Ubuntu. So if this folder is not secured somehow then someone with admin account at the same computer can easily steal your keys. Or detach your HDD and attach it to another computer, get your private keys and steal all your data. You should pay attention to that and use BitLocker or eCryptFS folders to store BTSync .SyncUser folder. In a case of a server usage - use only encrypted BTSync folders or use BitLocker/eCryptFS with storing of the certificates in TPM module. That will be great if someone give me a clue for the following: a. how to move .SyncUser folder to an encrypted directory at Synology. b. tell me more about different files and directory names inside .SyncUser folder. Thank you in advance. Quote Link to comment Share on other sites More sharing options...
RomanZ Posted April 4, 2016 Report Share Posted April 4, 2016 @kvv213 If someone gets full access to your Sync installation - he still can get to the keys. If not via .SyncUser folder, then via sync.dat file (which also contains full info about your shares). It's a matter of OS to protect data on HDD. Answering your questions: a. Just move it. It is regular Sync folder so you can move it around and Sync will follow. Exception is different partition (Sync uses folder ID to keep track of it, so moving to another partition is kind of delete-and-create action which Sync can't track). If you are not sure - just back up your whole storage folder prior moving it. b. Files and folder names there are pretty much self-descriptive. .SyncUser<timestamp> is your My Devices folder which contains full information about your folders, devices, notifications - everything that is tied to identity rather than to your Sync instance or any of folders. Quote Link to comment Share on other sites More sharing options...
kvv213 Posted April 4, 2016 Author Report Share Posted April 4, 2016 Thank you! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.