
BitTorrent’s Secure Dropbox Alternative Goes Public - ninthfrank07
http://torrentfreak.com/bittorrents-secure-dropbox-alternative-goes-public-130423/
======
buro9
Really nice, but the thing is... Dropbox has gone beyond just file sharing.

One example: I used to use Flickr for photo sharing, but cameras got better,
images got bigger, and I have a lot of photos. I moved from Flickr to Picasa
as it could cope with the directories full of photos and I didn't have to
manually upload them and Google's storage space was cheaper. Then I ran out of
space... over 100GB of photos, where next?

Hello Dropbox: <https://www.dropbox.com/sc/um5zf95urdk3zmg/2SaSCUIQd8>

And I've told a few photographers about this, and a few weeks later a friend
of a friend of a friend excitedly told me on a forum how you can photo share
in Dropbox.

And what I'm basically seeing is that the problem of "file sync" is being
considered as solved by lay consumers, who really aren't prioritising
encryption, and the problems that they now have is "share this directory of
photos", and "share that directory of videos", and "sync this music privately,
but let me play it back".

Dropbox isn't just file sync anymore.

What it is, is a serious threat to Flickr, Picasa, YouTube, Amazon MP3 Locker,
Google Play Music, iTunes, etc.

And consumers are not thinking in terms of encrypted sync, they're just
thinking in terms of "I just want to do X, why is it so hard", and so I can't
see this (very nice) solution really solving the problems that consumers have,
that will make them prioritise security.

~~~
k2enemy
> And consumers are not thinking in terms of encrypted sync, they're just
> thinking in terms of "I just want to do X, why is it so hard", and so I
> can't see this (very nice) solution really solving the problems that
> consumers have, that will make them prioritise security.

I have a use case that is pretty common among my peer group and BT Sync has
been the best solution I've been able to find. In a nutshell, I need to sync
large datasets across multiple computers.

Dropbox: expensive

AeroFS: buggy, used too much bandwidth, and slow

Sparkleshare: uses git which chokes on large files

Git Annex Assistant: didn't work reliably on mac

rsync/duplicity/unison: needs extra logic for detecting file changes

I also think the "Dropbox replacement" idea is a strawman created by the
TorrentFreak article. I've never had the impression that BT Sync is trying to
replace Dropbox. It is just trying to do p2p sync with a great interface and
some nice features such as read-only and one-time secrets.

~~~
nessus42
For the reasons that you've specified and others, I rolled my own very simple
sync system based on Git.

The biggest problem I _personally_ have with Dropbbox et. al, is that none of
the commercial solutions sync symbolic links _opaquely_. ("Opaque" syncing of
symlinks means to sync the links themselves and not what the symlinks link
to.) I use symlinks heavily and so I absolutely require this feature. Most of
the commercial solutions just ignore symlinks, but Dropbox does the worst
thing possible and treats symlinks _transparently_. This is utterly wrong and,
in fact, downright dangerous!

Another feature that I need for telecommuting software development is to be
able to exclude artifacts from what is synced. Eclipse, for instance,
constantly churns out artifacts, and I certainly don't want or need those
artifacts to be synced.

Two problems with my roll-your-own little syncing system remain: (1) The large
file issue that you mentioned. (Sparkleshare is much worse in this regard than
my system, last I tried.) (2) I know of no way to have the Git instance that I
use for syncing not pay attention to the .gitignore files that are used by the
Git instance that I use for version control. Annoying!

In any case, I'm very glad to hear that BitTorrent seems to be coming up with
a solution that will address all my issues, and I won't have to roll my own
anymore.

~~~
veidr
You are right: Dropbox's behavior with regard to symlinks is _fundamentally
wrong_.

It is kinda lame that other services, e.g. Google Drive, just skip symlinks,
but that isn't as dangerous. The hierarchical structure of a directory tree is
often effectively part of an application's data, and Dropbox silently corrupts
that data. This can cause crashes, or multiple conflicting copies of not-
easily-merged data to be strewn about in different places.

It's also hard to initially notice how broken it is, since symlinks work on
the first machine where Dropbox encounters them, but then on all subsequent
client devices that Dropbox sees are replaced with some version of whatever
data they point to.

~~~
nessus42
_> You are right: Dropbox's behavior with regard to symlinks is fundamentally
wrong._

What's even worse, is that no matter how hard I try, I am not able to convince
most people of how wrong this is--even those who claim to be and should be
computer savy. E.g., on support forums for other sync services, users are
typically clamoring for Dropbox-style syncing of symlinks, and they will not
be convinced otherwise, in spite of all reason. And despite 30 years of hard-
earned experience with symlinks that irrefutably demonstrates that transparent
syncing of symlinks is nothing but badness.

But thank goodness that BitTorrent got it right!

~~~
davidjade
Yeah but the real problem, the ones users are trying to solve is the limits on
having to move everything into one sync folder. Transparent symlinks are the
cheap fix for them so that they can keep their files where they want and still
have them sync. The better solution would be to just allow any folder(s) to be
synced but none of the major cloud sync providers seem to want to enable that.

~~~
aroemers
Have a look at <https://www.cubby.com/>. It syncs existing folders you want
to, and per synced folder you can decide to use their cloud or sync directly.

~~~
veidr
Cubby apparently also completely broken when it comes to symbolic links.

[http://help.cubby.com/forums/169907-general/suggestions/3529...](http://help.cubby.com/forums/169907-general/suggestions/3529481-syncing-
of-symbolic-links-and-packages-in-osx)

------
uses
I've been using BitTorrent Sync for the past week. For the use case of sharing
large files, it obliterates Dropbox, AeroFS, and Cubby.

It distributes the files intelligently and makes optimal use of everyone's
bandwidth. Dropbox, for example, slowly uploads all files to the cloud before
distributing them, plus there's the space issue. AeroFS allows unlimited
space, but is far slower than my Internet and LAN speeds allow, and does
things like trying to upload the same file, linearly, to every peer at once.
Cubby has limited space and has the same slow syncing problems.

I'm running BitTorrent Sync on my 6 year old Windows 7 Thinkpad, a newer
Windows 8 desktop, a Digital Ocean Ubuntu VPS, and a Synology DS110j NAS. It
runs perfectly on all of the above, and provides a useful web interface for
the VPS and NAS.

~~~
evanw
How does it handle scenarios where files were modified offline on two separate
devices? Is it able to identify conflicts?

~~~
uses
Look under "What if several people make changes to the same file?"
<http://forum.bittorrent.com/topic/16410-bittorrent-sync-faq/>

~~~
zwily
TL;DR - Last writer wins.

------
api
And the wheel turns:

[http://www.retrologic.com/jargon/W/wheel-of-
reincarnation.ht...](http://www.retrologic.com/jargon/W/wheel-of-
reincarnation.html)

The wheel of reincarnation I'm referring to in this case is the cycling
between a mainframe/thin-client architecture and a PC-based distributed
architecture.

In ye olde days it was mainframes and dumb terminals. Then it was PCs and
LANs/the Internet. Then it was web browsers and tablets (dumb terminal 2.0)
and The Cloud (mainframe 2.0). Now the wheel is turning once again...

The cloud is great as long as I don't care who owns my data, want to pay
constantly for hosting it (or put up with arbitrary and changeable limits),
have no privacy, lose my data when a startup goes out of business, etc.

~~~
tunesmith
Isn't the ideal kinda both/neither?

Get a "dumb" laptop with plenty of horsepower/space, sign in to something and
sync everything over (chef/puppet/btsync/dropbox), do a bunch of work locally,
then wipe the laptop.

I'd love to have my whole laptop identity work that way. It's sort of possible
now but it takes forever to convert all your data and apps over to that
approach.

~~~
burrows
You might like <http://projectmeadow.com>

------
goronbjorn
This seems ideal for the enterprise use case, in particular because it's
extremely performant, secure, and doesn't require a central/third-party server
(e.g. AWS). The 'must always be online' requirement is actually a plus, not a
minus for that crowd. Enterprises are generally very concerned about being
able to revoke access to a given resource instantaneously. Any app that stores
local copies complicates that quite a bit.

People will dismiss this as 'a toy that geeks use', but as Chris Dixon has
noted, 'what the smartest people do on the weekend is what everyone else will
do during the week in ten years' [1]

[1] [http://cdixon.org/2013/03/02/what-the-smartest-people-do-
on-...](http://cdixon.org/2013/03/02/what-the-smartest-people-do-on-the-
weekend-is-what-everyone-else-will-do-during-the-week-in-ten-years/)

------
Shish2k
Looking at some of the examples, I'm starting to see a future where people
trade entirely in hashes - send some amount of bitcoins to address X, receive
access to read-only access to bittorrent folder Y which is automatically
populated with the latest TV episodes for a series, etc. Any idea how to apply
that sort of anonymity and convenience to the real world though? Scanning QR
codes with a phone seems to be the best so far, still more fiddly than cash
though...

~~~
polarix
You might think you could possibly have done this in the physical world for a
few years now. Don't fool yourself. You have a face and DNA. You will _not_ be
anonymous (or even pseudonymous) as long as you carry a body.

~~~
fragsworth
Your actions can (and should) be anonymous in situations where there is an
expectation of privacy.

------
ChuckMcM
So now you have in place all the bits you need for a "members only" netnews
feed, someone should go dig up the code and create a 'news' sync'd document.
If you played your cards right you could use off the shelf news readers that
look into a local repo of the news.

With just a tiny bit of crypto code you could add a repudiation feature (keys
signed by the secret vs the secret itself) and control access to both
individual groups and individual users.

~~~
vy8vWJlco
Just to make the connection for others, you are describing something that can
be used for chat AND binaries. As ugly a hack as it might be, (speaking to the
choir, I know) there is tremendous value in simply being able to move messages
(in this case, as simple files), between buddies without needing an "account"
with a "service" (of the type that motivates people to excessively use
"quotes").

------
SkyMarshal
TLDR:

 _> BitTorrent Sync’s functionality is comparable to services such as Dropbox
and Skydrive, except for the fact that there’s no cloud involved. Users sync
the files between their own computers and no third-party has access to it._

 _> It is an ideal tool for people who want to share large amounts of data
between computers without going through third-party services._

 _> The Sync application is available for Windows, OSX, Linux and has the
ability run on NAS devices through a web-interface. Readers who are interested
in giving it a spin can head over to BitTorrent labs [1], where the Sync app
can be downloaded._

[1]: <http://labs.bittorrent.com/>

~~~
lucb1e
I'm more interested in the TLDR of how this works. Due to firewalls and such,
it's technically _impossible_ to have a peer to peer network without requiring
port forwarding on at least one side. I wonder if they're really requiring
that from users that want to use this.

Another way would be to do TCP or UDP hole punching, but that involves a third
party for initial setup. Probably possible and probably safe, but I'd like to
see a security review of that.

------
thisisrobv
The "Dropbox Alternative" marketing line seems to really be what's confusing
people... this is not Dropbox.

You have to have a source always online, there's no third party service
sitting in the cloud syncing all of your computers, it passes that
responsibilty onto the user. That said, I'm surprised they aren't trying to
"consumerize" this into a hardware product.

Space Monkey has seen a ton of success recently and are well beyond their
funding goal on
Kickstarter([http://www.kickstarter.com/projects/clintgc/space-monkey-
tak...](http://www.kickstarter.com/projects/clintgc/space-monkey-taking-the-
cloud-out-of-the-datacente)). The thing that immediately came to mind for me
is that this is really a job for Bittorrent.

A NAS device makes complete sense and if they could build a better experience
around that, similar to what Space Monkey is doing, seems like a huge
opportunity.

------
Angostura
Is this the first time that a product has been launched with the primary
motivation of showing that a particular protocol is good for things other
illegal filesharing?

Up until now BitTorrent aficionados have tended to be forced back to the "I
use it for Linux distros" when defending the protocol against ISPs and
businesses looking to shape or block BT traffic.

If this takes off, then the "its only used for nefarious purposes" argument
will be much harder to make.

I suspect that _this_ is the real reason it's being launched - not that that's
a bad thing.

~~~
ephoz
Many gamers are using BitTorrent through Valve's Steam. By which I mean, that
p2p file sharing is hardly nefarious. It's just a clever use of bandwidth.

~~~
javanix
Is Steam actually using BitTorrent? I thought they were using something
proprietary.

If they are _not_ using BitTorrent then Sync would provide a new, plausible
way to stop ISPs from blocking that specific protocol.

~~~
pm90
I remember that Ubuntu used to be available via torrents

~~~
e12e
Still is? <http://www.ubuntu.com/download/desktop/alternative-downloads>

There's also <http://debtorrent.alioth.debian.org/>

Apparently CCP is planning to use bittorrent for the next generation launcher
for EVE online:

<http://community.eveonline.com/news/dev-blogs/74573>

------
namityadav
We're looking at AeroFS and BitTorrent Sync for sharing sensitive files with
our team members. We're leaning towards BS mainly because this feels
completely P2P, whereas AeroFS may become useless if the company shuts down.
Is that right? I'd love to hear from someone who has used both of these about
stability, sync conflicts, CPU load etc. Also would love to hear about plans
to open source BS.

~~~
dagurp
Did you also look at SparkleShare?

~~~
namityadav
Thanks for the suggestion! I just did, and looks like SparkleShare may not be
a good tool if you have very large files (GBs).

------
stephengillie
So this will run on RasPi?

It seems like the next step is for someone to attach a NAS to a RasPi and make
a "syncbox" -- a NAS which auto-syncs to the other NASes you've configured
across the internet.

For end users, they would get 2 and share a secret between them, then install
one at 2 separate offices (or home and office), and any files dumped onto one
NAS are replicated to the other. Basically Dropbox without file limits.

~~~
te_chris
Would totally buy something like that that worked out of the box.

~~~
urza
[http://www.kickstarter.com/projects/transporterguy/transport...](http://www.kickstarter.com/projects/transporterguy/transporter-
a-new-way-to-share-access-and-protect)

~~~
dombili
Works globally, only ships within the US. That's awesome.

~~~
stephengillie
Looking at this, it looks like a 1-stop sharing solution. Im assuming that
when a user shares files from this device, the connection is routed from
Transporter's servers to the users device, allowing the downloader to directly
copy the users file.

I wonder how replication between 2 devices would work...

~~~
bluefinity
File transfers are peer to peer.

------
slg
Since there is no central server, doesn't that mean that one device will have
to be always on? That would add a degree of overhead and complication that
services like Dropbox don't have.

~~~
notdonspaulding
There's a rendezvous server that also serves as a fallback relay in case two
devices that want to sync are behind highly-unfriendly NATs. In that sense,
it's exactly like Dropbox.

But it doesn't store your data, so yes, one device must always be on in order
to sync with a new device. However, if you have a device that needs changes
made on another one, it will just wait around and sync whenever the device
with changes comes back online.

~~~
slg
That might very well rule Sync out for personal use by the general public. The
benefit of Dropbox (and similar server backed services) is that the most up-
to-date version of a file is simply there as soon as you are connected to the
Internet. Most people who have two computers won’t be using them both at the
same time. For example, a common use case for these services is syncing files
while you are traveling. Requiring a user who edits files on a laptop to turn
their laptop on when they get back to the home/office in order for the changes
to be recognize on their desktop seems like a big step backwards. In that use
case Sync would just be a glorified USB thumb drive.

~~~
mikemoka
This project is useless if they don't figure out a way to serve files without
both machines being turned on, there is also the problem of syncing with
multiple clients beside that.

I see two key use cases that could cause trouble:

1)a co-worker turned his computer off and went home from work, the syncing
couldn't complete even if only a single doc was left

2)Because there is no central server if all of my coworkers in a distributed
team sync with my new shared folder at the same time, it is required that I
own a connection capable of supporting that kind of traffic, because it would
be almost the same as streaming a video to multiple users, not to mention that
I would probably have to avoid to browse the web for pretty much anything else
in the meanwhile.

~~~
Floegipoky
I'm not sure what you're getting at with 1- I don't think any service ever can
transfer files to a machine that isn't on. As soon as the co-worker shows up
on Monday, the transfer will finish.

As far as 2 is concerned though, that is not the case. Don't forget, it's
built on top of BT. As each piece of the file gets transferred to other
clients by the original machine, the other clients will be able to send those
pieces out too. In theory it will be faster than a transfer from a central
server.

~~~
mikemoka
1-Actually Dropbox lets everyone do just that, I can access the shared folder
via the dropbox website whenever I want, download files in there and even
access the old or deleted versions..something I see very unlikely in this case
for now

~~~
ptman
Dropbox has servers running all the time.

~~~
BHSPitMonkey
What they're saying is that this is an important advantage that BT Sync lacks.

------
wereHamster
They have a native linux 64bit client, that's great! The linux binary is cli
only, but provides a web interface on port 8888. However, the daemon binds to
address 0.0.0.0 and not just localhost (127.0.0.1 or ::1)! So make sure you
have a firewall. Otherwise everybody can access the web interface and thus
your secrets.

~~~
TheHippo
Or use a config file and bind to whatever you want. Also you could specify a
username and a password for the web gui.

------
joshaidan
What I think will be an interesting use case for this technology is public
file sharing.

If I want to share files with the general public I could just give them a
read-only key and then they'll have a folder that syncs with whatever files I
put into it. It's a new way of content distribution.

Will this be how people distribute music and TV shows?

Will this be the way people subscribe to content in the future?

I could be a game developer, and I could give my users a read-only key to
download my game and at the same time they'll receive any updates I make to
the game when I update the files in the folder.

~~~
twoodfin
This is indeed a great technology. The "push" analog to the original
BitTorrent's "pull". But there's also potential for abuse (or greater freedom
depending on how you look at it!). Say I create a sync folder containing a
bunch of popular films and then widely distribute the read-only key. Thousands
subscribe. Now I have access to what amounts to a botnet that will widely
distribute whatever content I see fit to deposit, more or less untraceably
because the P2P network is so huge, and I or my co-conspirators can insert or
retrieve content from any part of it.

~~~
GhotiFish
That sounds like a brilliant thing for free speech, but watch out, I'm not
sure there's a guarantee of anonymity in crowds for people who have read-write
access, they may be identifiable.

Still reading the analysis of the system. Have to read through the spec.

~~~
twoodfin
What are you reading that has the details?

It would seem to me that read-only peers would have to have the ability to
propagate writes across the network. Why would they have to identify the
origin of the change if they obviously have cryptographically secure evidence
that the change is valid?

------
weej
This is great; however, folks can still securely store data on cloud services.
They just need to take a Trust No one (TNO) approach and encrypt their data to
disk.

For example you can use TrueCrypt and create/mount a drive volume that is
fully encrypted while synced across a file share storage/sync service like
DropBox.

The only downside is that you have to install the TrueCrypt application on
your client device, which does limit is platform offering (currently, no
mobile).

<http://www.truecrypt.org/>

~~~
illicium
Another downside of using Truecrypt is that when you make a change in your
volume, the whole volume file gets reuploaded to your storage/sync service.

A better solution is to use .sparsebundles (Mac only) or something like
BoxCryptor/encfs that encrypts files in the volume individually

~~~
eknkc
Is it? I believe dropbox handles files in up to 8MB chunks. If a chunk is not
modified, it's not re-uploaded.

I use encfs though, good suggestion.

~~~
weej
Good call. I'm not sure of the Dropbox client, but API is variable all the way
up to 150MB. Typical client is "4MB chunk"

<https://www.dropbox.com/developers/core/api#chunked-upload>

------
X-Istence
Wish the source was made available, I have an OpenIndiana server with several
1 TB drives running ZFS and I would love to use something like this... but
only binaries are available.

~~~
Wurlitzer
That's one of the reasons I switched to ZFS on Linux
(<http://zfsonlinux.org>). It has been stable for over a year now.

~~~
X-Istence
If I were to run any other OS with ZFS support it would have to be FreeBSD. I
do not at all like the Linux eco-system.

------
notdonspaulding
I got in on the closed Alpha just last week, and it immediately fit into a use
case I had where I needed to sync a folder on an OSX machine with a remote
linux server. SFTP would have worked in this use case just as well, except it
can be janky to slot into a non-developer's workflow.

Long story short, I setup BS on both machines with an absolute minimum of
fuss, copied the password over, and the folder synced. Definitely does one
thing and does it well.

------
tlrobinson
Ok, now make it totally decentralized and peer-to-peer, with a cryptocurrency
like Bitcoin used to automatically pay peers that replicate your data on an
ongoing basis.

There are lots of hard problems to be solved in such a system (mostly dealing
with the lack of trust), but I think it would be totally badass.

------
solarkennedy
I'm writing a puppet module to make it easy to declare shared folders. I'm
almost done: <https://github.com/solarkennedy/puppet-btsync>

The config file is versatile enough to allow you to turn off the relay servers
/ dht / upnp, etc and simply declare static peers, which is cool.

------
alyandon
Dropbox is the only cloud sync client that I've found so far that has decent
support for hosting TrueCrypt containers. It's unfortunate that my particular
use case is so narrow because I can't really consider something to be a
dropbox replacement unless it:

1) has a fully supported client on Windows, OS X and Linux

2) has that capability to sync with mobile devices

3) uses the native file system apis available on each platform to avoid doing
scans on large numbers of files looking for changes by the last modified
timestamp (so I don't have to disable the TrueCrypt feature that avoids
updating the timestamp on containers)

4) transmits only the changed content of the file instead of the entire file
(so I don't have to transmit the entire TrueCrypt container when only some
blocks in the container have been modified)

Has anyone ran across a service that would allow me to utilize TrueCrypt
volumes as easily as DropBox does across the major desktop operating systems?

------
azar1
Would love it if source was released (or if somebody could point it out to
me).

~~~
Shish2k
No source, but they plan to have an API [1]. Personally I'd be quite content
if they just documented the protocol...

[1] [http://forum.bittorrent.com/topic/8816-will-syncapp-be-
open-...](http://forum.bittorrent.com/topic/8816-will-syncapp-be-open-source/)

~~~
EvilLook
The level of asshurt expressed by GreatMarko in that thread is actually
astounding.

------
fastball
> Those in the closed Alpha have already synced more than 200TB since we
> started the program,” BitTorrent announces.

Umm, how do they know this if the sync is secure and only peer-to-peer?

~~~
evoltix
Good point.

Not sure if this has anything to do with it but by default, "Use relay server
when required" is checked for each folder you share. But I would hope that it
doesn't go through a relay server all the time.

------
visarga
Instead of private (darknet) bittorrenting I'd rather have a solution for all
those files with few seeders who are half dead, in the cloud. It's easy to
torrent the latest episode. Everyone is in on that. But what about the long
tail? We need a different scheme there.

My idea would be to lump together all the files in a huge torrent. That would
inevitably attract many peers, so the problem would be solved if users did
selective downloading, as the whole would be too large for any one of them.

The system would need to use some disk space and bandwidth from each peer to
host some shards of the whole. Not all the data in the mega-torrent would be
downloaded, just some sensible section of it, like, say, 5GB. Between 1000
users, we could have 1TB of files. With a million, we could have a huge
library. This way we could have enough seeds for any part of the whole. Of
course, it would need a way to add new stuff on the fly and balance the
replicas.

tl;dr - I'd rather have a solution for rare torrents. I'm worried for all the
content that is not "hot enough". We could amass a huge library of rare stuff,
in time.

~~~
pixelcort
There are other P2P networks that can give you files based on a hash of their
content, for example ED2K and Kademlia. I think even Gnutella supports hash-
based retrieval.

BitTorrent clients now have distributed hash tables accessible; it would be
nice if magnet URLs could just point to a hash of the file, instead of to a
specific torrent.

Bonus: Even ED2K links point to a tree of hashes, so you can verify the data
while it is being downloaded.

------
mmanfrin
If I remember correctly, this is a lot closer to what the initial technology
of bit torrent was developed for: secure, distributed storage.

------
vy8vWJlco
One of the comments on the TorrentFreak article compares BTSync to FTP.

In one sense, that is not an accurate comparison at all. And yet, it has
enormous potential to fill a similar role.

The secret/passphrase amounts simply to a globally-addressable identifier to a
set of folders that just happen to sync.

It will be trivial to script a loop to watch a control file in a folder to
enable automatic FTP-like transfers between my friends. Even without keeping
the "secret" secret, instead simply treating it as public but discardable, you
have something that can rival (and is a faster-moving target than) file
lockers like Mega and Rapidshare (300 TB do not need to be re-uploaded in
order to change the secret/address).

The sad thing is that NAT and firewalls have starved the Internet to the point
that that simple property (global addressing) seems almost miraculous. (And
that is why IPv6 - or something permitting global addressability, instead of
carrier-grade NAT - is so important going forward.)

------
ivanist
Does the traffic from this appear same as P2P traffic? I think my company
might block my internet access if it finds out that I am doing p2p sharing;
and I don't want that to happen.

------
lifeguard
P2P Protocol

BitTorrent Sync synchronizes your files using a peer-to-peer (P2P) protocol.
This protocol is very effective for transferring large files across multiple
devices, and is very similar to the powerful protocol used by applications
like µTorrent and BitTorrent. The data is transferred in pieces from each of
the syncing devices, and BitTorrent Sync chooses the optimal algorithm to make
sure you have a maximum download and upload speed during the process.

The devices you setup to sync are connected directly using UDP, NAT traversal
and UPnP port mapping. We also provide such additional methods of ensuring
connectivity as relay and tracker servers. If your devices are on the same
local network, BitTorrent Sync will use your LAN for faster synchronization.

<http://labs.bittorrent.com/experiments/sync/technology.html>

------
mrcharles
Can someone give me a quick rundown on how this works, vs security of files?
If it's using the bittorrent protocol, wouldn't that mean that all your files,
even though encrypted, are easily gathered by a third party?

Or does this simply make direct connections between PCs you own and people you
have authorized to share your files?

~~~
qiemem
From the article:

> While Sync uses BitTorrent technology, people’s files are not accessible to
> outsiders. Only those who have the unique private key can access the shared
> folder.

>

> “All the traffic is encrypted using a private key derived from the shared
> secret. Your files can be viewed and received only by the people with whom
> you share your private secret,” BitTorrent explains.

~~~
mrcharles
I read the page, but that doesn't seem clear to me. If they have encrypted
versions of my files, they still don't technically have access to them.

~~~
lifeguard
No. Only key holders have access to the data being shared. It is up to you to
authorize every share with a key. Single use keys can also be generated.

There are relays if you need them due to firewalls:

"We also provide such additional methods of ensuring connectivity as relay and
tracker servers."

But you can opt out of this config.

------
tomkinstinch
This seems like a great way to deploy code and files to thousands of servers.

Anyone here already using BitTorrent for deployment?

~~~
nthitz
TorrentFreak had a few articles about Twitter and FB using BitTorrent for
deployment [http://torrentfreak.com/bittorrent-makes-twitters-server-
dep...](http://torrentfreak.com/bittorrent-makes-twitters-server-
deployment-75-faster-100716/) [http://torrentfreak.com/facebook-uses-
bittorrent-and-they-lo...](http://torrentfreak.com/facebook-uses-bittorrent-
and-they-love-it-100625/) More recently Ars wrote about it as well
[http://arstechnica.com/business/2012/04/exclusive-a-
behind-t...](http://arstechnica.com/business/2012/04/exclusive-a-behind-the-
scenes-look-at-facebook-release-engineering/)

------
overgard
I'm sort of amused at all the dropbox comparisons. This solves a totally
different problem which dropbox was HORRIBLE at, which is sharing music/movie
collections across my machines at home. I'll still probably use dropbox for
documents and stuff, but frankly I never wanted to put my music and tv shows
into dropbox because it would have taken up most of my space very quickly for
the dubious "feature" of uploading all my pirated stuff to a centralized
location. Yay. No way.

Sidenote, but, if Dropbox people happen to be reading this, maybe this will be
a hint: PLEASE ADD MULTIFOLDER SUPPORT. (As in, multiple roots). I know you're
trying to go for a simple aesthetic etc. etc., so you only have "one" dropbox,
but BTSync makes doing that trivially easy. You have no excuse.

------
ritonlajoie
What are the differences with AeroFS ?

~~~
pixdamix
A de facto standard, potential opensource clients, free, server-less, not tied
to a specific company, and more.

~~~
Shish2k
> A de facto standard, > potential opensource clients, > not tied to a
> specific company,

When the source is closed, and the protocol is closed + encrypted? I think you
may be a little optimistic... (Though I do _hope_ that either the source or
the protocol get opened)

~~~
iam
I think that's what made the original BitTorrent popular. The open protocol.
They really need to do the same here if they want this to take off.

------
Xanza
Honestly, I really don't think BTSync should be compared to dropbox, it sends
the wrong message. When people say 'dropbox alternative' people immediately
think "Oh cool, so it can do everything dropbox can do?" Which we all know
isn't the case here.

The best thing about BTSync is it's basically zero configuration. I have it
running on 10 of my boxes so far, and it's working amazingly. Far better than
dropbox -- however, I only need it to sync files between hardware, not for
anything else, like photo sharing, or advanced configuration based sharing. I
just want file A, to be on all configured servers.

TL;DR: Don't compare BTSync to Dropbox, it's not a dropbox alternative. It's
something completely different, entirely.

------
XorNot
I was in the alpha for this, but didn't use it. The single reason was that
they had no solution for "two files modified while offline" at the time.

This is just far too likely for me to remain an unaddressed issue. I don't
know if it's been improved since then.

~~~
jjoergensen
A solution could be to give each of your machines their own folder. In this
folder they are the source and the only machine allowed to make changes. Other
machines can read, but not update.

------
aychedee
This is much more interesting than Dropbox...
[http://www.aychedee.com/2013/04/24/dead-drop-with-
bittorrent...](http://www.aychedee.com/2013/04/24/dead-drop-with-bittorrent-
sync/)

------
malbs
So I just set this up on my home machine and a work machine..

I got caught out with the pre-defined host config because I didn't realise I
needed to allow both tcp AND udp through the firewall, so my work machine was
unable to access my privately shared folder on the home machine (tracker
server/relay server/dht options all disabled)

Once that was sorted, I have a perfectly good replication system working
amonst all my machines, just like dropbox, without the centralised control,
this is awesome

------
gdw2
I'm excited that they support ARM so that we can install it on raspberries,
routers, etc.

~~~
pwelch
Agreed. I think that is a pretty good move for adoption. My QNAP NAS has
always played well with bittorrent and backups. Adding ARM support means you
can use this in a bunch of low power devices.

------
cobookman
If they allowed us to pick and choose what we want to download from friends
shares as well as search our friends shares, this could become an interesting
tool.

Imagine a private p2p site that you and your friends use. You choose who to
share with and what files you can see.

Then add links to give to friends so attaching files in emails would be a
sinch.

------
brownbat
I see Dropbox mostly as a tool to send large files between computers that
aren't both on at the same time:

<http://xkcd.com/949/>

It'd be nice to do that without an escrow, but I'm not sure that's really
possible (without steep obligations on members as to hosting capacity and
uptime).

------
mtpearce
Creating an AMI wired to s3 seems like an obvious next step.

~~~
rsync
We (rsync.net) will implement this on our storage arrays, provided it can run
over SSH in some capacity. That way you can target rsync.net space with BS.

We already do this with git-annex.

~~~
mamcx
That sound great!

I'm building a backup service for sql server, and wonder if this route could
be better than rsync?

------
lifeformed
It doesn't feel like this overlaps with my need for Dropbox. I use Dropbox for
file sharing, backup, version control, and the ability to access my files at
any time from any computer (through the website). Actually syncing between
computers is just a small part of it.

------
joeblau
Finally! I was trying to get something like this made 6-7 years ago for
distributing CRL's. I'm glad to see it's up and running, now all I need is a
buddy to test this out with.

edit: The UX needs a bit of polishing. I don't think my Mom is going to be
able to figure this out.

------
Down_n_Out
I think this is very promising, as a business owner I have a desktop in the
office and a laptop for the road, it makes for a secure way to sync the
"customer-folders" between both PC's and saves me from getting my laptop out
because there's a file on there that isn't yet on the desktop ... While
Dropbox is a good tool, I'd be more at ease the files are transfered
securely/encrypted... And not resting on some cloud server, call it paranoid
or whatever you want... Yes, I could use Truecrypt or whatever, but this has
the "approachability" factor in its favor ... And no I'm not saying Truecrypt
is difficult, I'm speaking more in general... I will probably test this out.

------
_pmf_
> "Another advantage is that there are no storage or transfer limits, so users
> can sync as many files as they want, for free."

Yes, I believe that, because that's a completely solid business model for
them.

~~~
nwh
Well they're not paying for storage or transfer; why does it have an impact on
the company?

~~~
_pmf_
Apparently, I'm stupid. But then the claim that the speed is comparable to
Dropbox is fishy.

~~~
nwh
The reliability would probably suffer somewhat. I doubt I could use it at a
lot of places that filter traditional p2p traffic.

------
lizzard
This is fantastic. It's easy to set up and use. I can share folders without
having to rearrange anything. I love that you don't have to make an account.
Awesome for privacy!!

------
skeletonjelly
Surprised nobody has mentioned Wuala. It was doing this in 2008. Just never
got traction.

<http://en.wikipedia.org/wiki/Wuala>

------
ivanb
This can be a good tool for a game dev studio where there are gigabytes of
artwork that needs to be shared between multiple departments.

------
jjsz
This ideological P2P sync will only work if the server you're using it on has
the highest chance of staying on. Which is a home server.

How can BS connect to ownCloud to push the updated files to avoid an emergency
where, you're not a Dropbox member, and your device was stolen and turned off?

------
manish_gill
Can anyone break down the security for me? Are they using PGP? How does the
shared secret thing work?

~~~
dmatlack
It uses AES (symmetric key cryptography) with a 256 bit key (which they refer
to as a 32-character "secret").

------
pointernil
Is this usable as a backup offsite/distributed store? Put backup into
TrueCrypt Container which itself is located in a BT Sync folder. Invite other
devices + "partners" to sync that folder ... any thoughts on this usage
scenario with BT Sync?

------
brent_noorda
Oh Happy Day! Now all our family members can once again share many many
gigabytes of family photos and movies. (I have so missed FolderShare!)

------
rdl
I don't see why you'd use this instead of AeroFS. AeroFS also has much more
useful business features once you grow into needing that.

------
siculars
I love everything about this. This is like a dark encrypted p2p network.
Looking forward to setting up family music sharing folders.

------
gcr
This is really great. I like how on Linux, you can have it run from either a
web interface or a (quite simple) .json config file.

------
shmerl
Are there any open source clients for that?

------
jjoergensen
Does anyone have experience with <http://www.symform.com>?

------
pixelcort
Very cool; this seems to sync symlinks as-is, without traversing into whatever
they're pointing at.

------
rijoja
what's really nice is how it works across modems and routers. I can't listen
to my modems port in a classical sense, so a webserver wouldn't work. But this
connects easily with my VPN! Which is fantastic. Setting this up manually
would've been really hard work.

------
nano111
Can you mark one of the node as untrusted and keep the data encrypted for
them?

------
Vecrios
I'm calling this Dropbox for geeks from now on. Looks very promising, though.

------
evoltix
I wonder how this will affect Space Monkey. Thoughts?

------
tobeportable
Best [vps-cloud_storage] setup to get "cloud syncing" ?

~~~
tobeportable
Contabo : VPS with 200GB @ 10 EUR / month : <http://contabo.com/?show=vps>

------
webwanderings
This isn't a Dropbox alternative by any means. From what I could understand,
you need to keep two of your machines ON in order to sync. The best it could
be called is replacement of your USB drive.

AeroFS does something similar and it apparently doesn't require keeping two of
your machines On at the same time, though it didn't work for me as advertised,
so I gave up on AeroFS.

Using Dropbox in the title with this, is misleading.

~~~
gcr
This was meant to address a specific use case that Dropbox does not.

I don't want a central service like Dropbox to host my files.

This design decision means that I _must_ keep one or two of my machines on for
my files to be available.

