File syncing services such as Dropbox, Google Drive and Microsoft SkyDrive all have one thing in common: they provide a centrally hosted solution. Your files are stored not only on the devices you’re using but also on their servers. It’s an extremely useful feature as it means you can easily share files to other people without any complicated setup and you’ll always be able to access your files through a web browser. Whilst these services are extremely secure, there are those who are a little wary of having personal (or even confidential) information stored somewhere that they have no control over.
BitTorrent Sync is a new service that provides a decentralised file syncing solution with an emphasis on security and keeping your files off such servers. Is it a worthy alternative for the security conscious?
How It Compares
BitTorrent Sync is a secure file syncing solution developed by the same people responsible for the BitTorrent protocol of file sharing, indeed it even uses the same technology as its underpinnings. File transfers are fully encrypted and accessing shared folders requires a special key called a “secret”, a uniquely generated passcode. Entering this secret on any other computer running BitTorrent Sync will grant access to the folder and all the files within will sync, securely, without going through a server.
Compare this to a service like Dropbox, for example, and the files, whilst still syncing securely, do so via a server first. Additionally, speeds are usually throttled to maintain a consistent level of service for all users so even if you have a super-fast connection, you may find files seem to take longer than expected to sync.
Once you’ve downloaded and launched the app, you’re given a simple setup assistant to guide you in starting. You’re asked if you’re setting this up for the first time or if you already have a secret that you’ve been provided. To a novice user, it’s not entirely explained what this means so some users may find it a little harder to understand to begin with. There’s no accompanying help guide so any assistance you might have will need to be found via the app’s website which does provide assistance via an easy to understand FAQ and active forum.
What you’ll notice immediately is that there is no user registration, no email address to provide, not login details to create. This is in keeping with some of BitTorrent’s more secure beliefs that security isn’t just about encryption, it’s about anonymity. Compared to a service such as Dropbox, it means that BitTorrent Sync lacks features such as a web interface since all the files exist only on the computers they reside on and if you need access to a file whilst on the move, there’s no mobile app either.
This leads on to another potential issue for some users as any computers with a folder being shared need to be running whilst a sync is in process since it’s a direct connection. Likewise, any changes made will only sync to the rest of the computers when they’re switched on and connected. Unlike Dropbox, there’s no automatic updates from a central, always-on server as soon as you switch your Mac on.
Once started, BitTorrent Sync includes a menu item that will provide some useful information as well as access to the app itself.
Keep It Secret, Keep It Safe
If you choose to perform a standard setup, BitTorrent Sync will create a folder within your home folder to use and then provide you with a special passcode, or key, called a “secret”. This is the way folders are shared. Since there’s no centralised account, you need to then enter this on the other computers you’ll setup, either by performing the setup assistant and selecting “I have a secret” or, if it’s already set up, using BitTorrent Sync’s preferences.
Whilst you are provided with a generic “BTsync” folder to use you can also add folders from anywhere on the Mac to sync, giving it a feature that is lacking in Dropbox.
More than that, this secret allows you to share a folder with anyone you want, provided they’re also using BitTorrent Sync. Think of the secret as literally as a key, anyone using it can unlock that shared folder.
For each sync folder you add you’re given the a new secret, generate another one or you can create your own. Additionally, you can also create a “read-only” secret which means the recipient can’t make any changes to the files (nor remove them). For sharing documents that other people would want to use but not necessarily make changes to, it’s a great idea.
For increased security you can also issue one-time secrets that expire after 24 hours.
The Human Element
I’m very impressed with how BitTorrent Sync works and during my testing it worked without issue. With all this focus on security, however, the human element is what proves to be a letdown for this app.
I can see the primary way people would share these randomly generated, ultra-secure keys would be via email. Email communication, even today, isn’t secure and many companies who send their users passwords via email are often criticised for practicing poor security.
Likewise, should anyone somehow obtain a secret key by snooping on emails, they’ll then have access to a folder you’re wanting to share. At the moment, there’s not really an easy way to share these keys securely though such as iMessage, which is encrypted, would be preferable. But there are just too many people who would just automatically take to email, making much of the security that BitTorrent Sync promotes kind of, well, redundant.
Ready for Prime Time?
For those wanting to use this for their own personal use and not share folders with other users, perhaps entering the secret into 1Password, then BitTorrent Sync is an extremely useful tool. In terms of file syncing, it doesn’t bring anything else to the table that services such as Dropbox and Google Drive don’t already offer. In fact, because of its decentralised method of file syncing, it actually provides fewer features than its server-based counterparts. Granted, your files aren’t centrally hosted so for the security conscious it’s very appealing but if secret keys are sent via email then in some ways, BitTorrent Sync could be seen as less secure.
Despite the advantages and disadvantages of BitTorrent Sync, it’s strictly in alpha testing at the moment. This is the earliest stage that a developer feels that general users can start testing it and if you know what a beta version is, this is the one before it. Because of this, it’s hard to recommend it as a viable alternative to services like Dropbox or Google Drive… yet. There will be tradeoffs to consider if you’re wanting to switch file syncing service and you’ll need to judge whether the additional security is worth the reduction in overall features.
I came away from using BitTorrent Sync hopeful that continued development and an eventual 1.0 release will make it a viable alternative. For power users and hobbyists, this is something definitely worth exploring. I myself am going to keep using the app as it matures but I’ll be continuing to use Dropbox as my primary file syncing service.
For everyone else, stick with what what’s already established and available but keep your eyes open, there’s a new kid in town.
BitTorrent Sync has a very bright future ahead of it and the potential to be a serious contender to the current file syncing giants, such as Dropbox and Google Drive. But without a secure way to share secret keys, its lack of features when compared to services such as Dropbox and the fact it's still in early development, it's not quite ready to do battle with the giants... yet.7