I have posted about using dropbox quite a few times over the last couple of years; it is one of those utilities that quickly insinuates itself into an indispensable niche in your workflow and, consequently, can be very difficult to dislodge. Perhaps because it has started to glue together so much of the way I work, I have been wondering when I would find a replacement that would deliver all, or much, of the functionality, without the standard cloud security issues, that seem to bedevil these services.1
When I saw that BitTorrent had release a distributed synching app called—appropriately— Sync, I signed up for the Alpha and have been running it in lieu of dropbox for the past three weeks. My initial reaction is, that for a first release, it is very impressive.
Essentially, Sync uses the bittorrent peer-to-peer protocol and encryption (AES 256 using a private key based on the secret generated for each shared folder) to sync files between your machines—or anyone with whom you share the secret for a particular directory. This has several advantages over dropbox, from my perspective. First and foremost, you are not relying on some third party for security2, storage and uptime. Secondly, all of the traffic between your devices is encrypted. And finally, it is free (sadly, only as in beer).
So what does it do well? It is ridiculously easy to setup. You download the binary, start the app and then (on Linux) use the web interface to setup your first synching folder by generating a secret and then nominating a folder to share. On your next machine, enter the secret and select or create the shared folder and your files will be synched. Done.
On a headless machine, there is a config file that you can create:
Edit it to suit your requirements, and then start
syncapp with that configuration:
and you are away, happily synching.
Like other applications that use the bittorrent protocol, it can take a minute or two for the synching to begin, but once it does I found it—over the Internet as well as my LAN to be much faster than dropbox. Another plus.
Areas for improvement
It is Alpha software so there are some areas where you can expect to see improvements with subsequent release. For me, that includes:
- Better command line tools; the current limited set are servicable, but could do with more flexibility and options
- The ability to create your own secret, rather than rely on generated ones
- A less fragile config file; it is written in JSON and the simplest errors will break it
- More Linux love; the other platforms have a much more sophisticated UI
A comparison with dropbox is not entirely fair; there are some things that dropbox does—like versioning—that Sync can/will not do. Dropbox also allows you to host public files and folders, meaning that you can setup a basic webpage or share a photo album. Sync clearly isn’t designed for this.
However, in some other respects, like architectures for example, Sync is already a better choice. The ARMv6 port means that I am able to run it on my Raspberry Pi, and that I have been able to update my IRC notification system to use Sync rather than dropbox and it is working perfectly well.
There is one area, though, where I wish the BitTorrent team would be a lot more forthcoming. There has been an unanswered question on the Sync forums for over three weeks now asking will Syncapp be open sourced? Aside from the issue of whether or not the source will be made available (and I am guessing that given their reticence to answer the question on their boards the prognosis is not promising) people using the application now should know under what terms they are using it.
In the absence of any definitive licensing, I can only assume that the application is covered by BitTorrent’s default EULA. That ambiguity means that I am happy to participate in the trial and provide feedback, but I won’t be using the app for any remotely sensitive data and I am unlikely to do so until that issue is clarified.
I’ll install Sparkleshare and give that a shot instead…
- Naturally, there are more issues at play here than just their (in)security policies.
- Assuming, of course, you trust what BitTorrent pack into the binary…