BitTorrent Sync: File Syncing Decentralised

File syncing services such as Dropbox, Google Drive and Microsoft SkyDrive all have one thing in common: they provide a centrally hosted solution. Your files are stored not only on the devices you’re using but also on their servers. It’s an extremely useful feature as it means you can easily share files to other people without any complicated setup and you’ll always be able to access your files through a web browser. Whilst these services are extremely secure, there are those who are a little wary of having personal (or even confidential) information stored somewhere that they have no control over.

BitTorrent Sync is a new service that provides a decentralised file syncing solution with an emphasis on security and keeping your files off such servers. Is it a worthy alternative for the security conscious?

How It Compares

BitTorrent Sync is a secure file syncing solution developed by the same people responsible for the BitTorrent protocol of file sharing, indeed it even uses the same technology as its underpinnings. File transfers are fully encrypted and accessing shared folders requires a special key called a “secret”, a uniquely generated passcode. Entering this secret on any other computer running BitTorrent Sync will grant access to the folder and all the files within will sync, securely, without going through a server.

Unlike services such as Dropbox which sync via a central server, BitTorrent Sync establishes a direct connection between computers sharing folders

Unlike services such as Dropbox which sync via a central server, BitTorrent Sync establishes a direct connection between computers sharing folders

Compare this to a service like Dropbox, for example, and the files, whilst still syncing securely, do so via a server first. Additionally, speeds are usually throttled to maintain a consistent level of service for all users so even if you have a super-fast connection, you may find files seem to take longer than expected to sync.

Setting Up

BitTorrent Sync provides a setup assistant though lacks any descriptive information at this time

BitTorrent Sync provides a setup assistant though lacks any descriptive information at this time

Once you’ve downloaded and launched the app, you’re given a simple setup assistant to guide you in starting. You’re asked if you’re setting this up for the first time or if you already have a secret that you’ve been provided. To a novice user, it’s not entirely explained what this means so some users may find it a little harder to understand to begin with. There’s no accompanying help guide so any assistance you might have will need to be found via the app’s website which does provide assistance via an easy to understand FAQ and active forum.

What you’ll notice immediately is that there is no user registration, no email address to provide, not login details to create. This is in keeping with some of BitTorrent’s more secure beliefs that security isn’t just about encryption, it’s about anonymity. Compared to a service such as Dropbox, it means that BitTorrent Sync lacks features such as a web interface since all the files exist only on the computers they reside on and if you need access to a file whilst on the move, there’s no mobile app either.

This leads on to another potential issue for some users as any computers with a folder being shared need to be running whilst a sync is in process since it’s a direct connection. Likewise, any changes made will only sync to the rest of the computers when they’re switched on and connected. Unlike Dropbox, there’s no automatic updates from a central, always-on server as soon as you switch your Mac on.

Similar to Dropbox, BitTorrent Sync provides a menu item to keep track of useful information and access the preferences

Similar to Dropbox, BitTorrent Sync provides a menu item to keep track of useful information and access the preferences

Once started, BitTorrent Sync includes a menu item that will provide some useful information as well as access to the app itself.

Keep It Secret, Keep It Safe

When you first set up BitTorrent Sync, you're given a secret key for the default sync folder it sets up for you.

When you first set up BitTorrent Sync, you’re given a secret key for the default sync folder it sets up for you.

If you choose to perform a standard setup, BitTorrent Sync will create a folder within your home folder to use and then provide you with a special passcode, or key, called a “secret”. This is the way folders are shared. Since there’s no centralised account, you need to then enter this on the other computers you’ll setup, either by performing the setup assistant and selecting “I have a secret” or, if it’s already set up, using BitTorrent Sync’s preferences.

Whilst you are provided with a generic “BTsync” folder to use you can also add folders from anywhere on the Mac to sync, giving it a feature that is lacking in Dropbox.

You can add folders from anywhere on your Mac and generate a unique random secret key for each one

You can add folders from anywhere on your Mac and generate a unique random secret key for each one

More than that, this secret allows you to share a folder with anyone you want, provided they’re also using BitTorrent Sync. Think of the secret as literally as a key, anyone using it can unlock that shared folder.

For each sync folder you add you’re given the a new secret, generate another one or you can create your own. Additionally, you can also create a “read-only” secret which means the recipient can’t make any changes to the files (nor remove them). For sharing documents that other people would want to use but not necessarily make changes to, it’s a great idea.

In addition to generating secrets for folder access, you can also provide read-only access and even keys that expire after 24 hours

In addition to generating secrets for folder access, you can also provide read-only access and even keys that expire after 24 hours

For increased security you can also issue one-time secrets that expire after 24 hours.

The Human Element

I’m very impressed with how BitTorrent Sync works and during my testing it worked without issue. With all this focus on security, however, the human element is what proves to be a letdown for this app.

I can see the primary way people would share these randomly generated, ultra-secure keys would be via email. Email communication, even today, isn’t secure and many companies who send their users passwords via email are often criticised for practicing poor security.

Despite the emphasis on security and animosity, many users will almost certainly take to emailing secret keys which isn't secure. Whilst this is the fault of the user, providing them with a long unmemorable key without an alternative method of sending it to someone doesn't help.

Despite the emphasis on security and anonymity, many users will almost certainly take to emailing secret keys which isn’t secure.

Likewise, should anyone somehow obtain a secret key by snooping on emails, they’ll then have access to a folder you’re wanting to share. At the moment, there’s not really an easy way to share these keys securely though such as iMessage, which is encrypted, would be preferable. But there are just too many people who would just automatically take to email, making much of the security that BitTorrent Sync promotes kind of, well, redundant.

Ready for Prime Time?

For those wanting to use this for their own personal use and not share folders with other users, perhaps entering the secret into 1Password, then BitTorrent Sync is an extremely useful tool. In terms of file syncing, it doesn’t bring anything else to the table that services such as Dropbox and Google Drive don’t already offer. In fact, because of its decentralised method of file syncing, it actually provides fewer features than its server-based counterparts. Granted, your files aren’t centrally hosted so for the security conscious it’s very appealing but if secret keys are sent via email then in some ways, BitTorrent Sync could be seen as less secure.

Despite the advantages and disadvantages of BitTorrent Sync, it’s strictly in alpha testing at the moment. This is the earliest stage that a developer feels that general users can start testing it and if you know what a beta version is, this is the one before it. Because of this, it’s hard to recommend it as a viable alternative to services like Dropbox or Google Drive… yet. There will be tradeoffs to consider if you’re wanting to switch file syncing service and you’ll need to judge whether the additional security is worth the reduction in overall features.

I came away from using BitTorrent Sync hopeful that continued development and an eventual 1.0 release will make it a viable alternative. For power users and hobbyists, this is something definitely worth exploring. I myself am going to keep using the app as it matures but I’ll be continuing to use Dropbox as my primary file syncing service.

For everyone else, stick with what what’s already established and available but keep your eyes open, there’s a new kid in town.


Summary

BitTorrent Sync has a very bright future ahead of it and the potential to be a serious contender to the current file syncing giants, such as Dropbox and Google Drive. But without a secure way to share secret keys, its lack of features when compared to services such as Dropbox and the fact it's still in early development, it's not quite ready to do battle with the giants... yet.

7
  • http://www.strshp.com Prescott Perez-Fox

    I think the obvious use it to sync huge folder, perhaps even larger than 1TB. For example, if you sync your “movies” folder with your friends, you’d all be sharing Blu-ray movies after a few hours (or days) of background downloading. You could use it to keep your entire drive backed up to your home or office computer, or maintain a duplicate of your server somewhere off-site.

  • Anonymous

    I see the application of this when you backup by syncing sensitive documents between your laptop and desktop computer for example, without sticking your stuff in the cloud, where the security measures can be flawed and open to forced attacks.

    And by the way, I think the author means “Anonymity” and not “Animosity”. Not to be too troll-ish, but that Mac has a very good dictionary.

    • http://techinch.com/ Matthew Guay

      Fixed now, sorry for missing that before!

  • Roror

    Promising technology. Is there any advantage of this over aerofs? Adding any folder is a plus. Anything else?

    • NSDocument

      BitTorrent Sync don’t saturate your network on large transfers. AeroFS is much slower than what LAN speed allows. It’s probably the main selling point for me, since I have about 100GB to sync.

  • Ronamo

    Did you perhaps mean that they believe in security through “anonymity” rather than “animosity?”

  • Dom

    This is very promising. This works exactly same as Dropbox but bit better than Dropbox in privacy, Because in Dropbox the workers or government can see what you used to store and what are the informations were stored under your account. But Bittorrent Sync doesn’t have server to sync in the cloud it syncs Computer to Computer just like the Torrents and No one will able to see your files without authentication code. I’m waiting for the public release it would be awesome if they release it for free!

    Thanks for your awesome article :)

  • Sigilist

    I took a look at the developer’s site and was left with one question (though maybe I missed the answer). Will there be localized applications for Linux and Windows? Again, if I missed something, please show me the way.

    • Sigilist

      Nevermind. I found the answer.

  • http://buildersnippets.com Sridhar Katakam (@srikat)

    I use AeroFS.

    https://aerofs.com/

  • Argeman

    As one can already see in the screenshot, there are “one time secrets” that allow the addition of only one additional peer – and only for 24 hours. That covers the most scenarios even in case of an unsecure communication quite well.

    • Argeman

      Just as addition: the article already covers the one-time-secrets – but wrong. They do expire after 24 hours /if not used/. If you use it, you will be able to syncronize just forever. I’ve used them two times already and my devices still sync fine – and as expected, noone can join the syncing with the expired and used one-time-secrets anymore.

theatre-aglow
theatre-aglow
theatre-aglow
theatre-aglow