BitTorrent Sync has reached its Beta milestone.
The tool, which allows for secure file-syncing between devices, has been under development for quite some time: BitTorrent released a limited pre-Alpha program in January, planning to use any feedback to refine the software before release. Key features include the use of peer-to-peer technology for direct synchronization, rather than storing files in the cloud—a major differentiator from similar storage services on the market. “It fits into our overall goal of making a better Internet using P2P,” BitTorrent Inc. told TorrentFreak when that pre-Alpha rolled out.
In the intervening period, of course, former federal contractor Edward Snowden leaked a variety of top-secret documents about NSA surveillance to The Guardian, kicking off several weeks’ worth of discussions and handwringing over government snooping. Several of those documents suggested that an NSA program codenamed PRISM siphoned user data from nine major technology companies, including Google and Microsoft; the named companies have stridently denied any involvement.
Those revelations about the NSA—even if totally unsurprising to the paranoid—could kick off renewed interest in software tools capable of securing data against prying eyes. In other words, this could be just the moment for something like BitTorrent Sync to hit the market. “Sync is a response to what we see as real, fundamental challenges to personal data movement: the limitations on speed, size, space, privacy, and security that come with cloud dependency,” read a July 17 note on the BitTorrent Blog.
New features in this Beta include Mobile File Syncing, which allows users to sync up work folders on Google Android devices (iOS is apparently coming soon) and SyncArchive, a “basic versioning capability” with a folder “that gives you access to archives of previous versions of your synced files.” Other tweaks since the software’s Alpha version: improved Linux WebUI, support for additional types of NAS devices, one-way synchronization, the ability to cherry-pick files and directories for sync, and a handful of bug fixes.
How secure is the system? BitTorrent Sync relies on “secrets,” or keys that connect and join different devices together. “Since each secret is 32 characters long, it is virtually impossible for the same secret to be automatically generated in two separate instances,” reads BitTorrent’s FAQ. “After a folder is added to BitTorrent Sync, the Secret is stored in its advanced preferences and can be accessed by double or right click on a folder in the ‘Folders’ tab.” The software offers the ability to generate new secrets for a folder, or replace an existing secret “with your own Base64 string more than 40 characters long.” Security-wise, that’s pretty strong.
Whether or not a user’s electronic communications are being actively monitored, there are a handful of ways to make sure that data between two entities is encrypted and thus somewhat secure. The Electronic Frontier Foundation offers a handy visualization of the protections afforded by HTTPS (Hypertext Transfer Protocol Secure, a communications protocol for secure communication over a network) and Tor (a network that relies on relays that make it difficult to trace a user’s Internet activity). HTTPS and Tor can hide very specific kinds of information, depending on which one is used.
“I naturally recommend our own HTTPS Everywhere software as well as the Tor Browser Bundle, but I hope people understand the goals and limitations of these tools,” Dave Maass, media relations coordinator for the Electronic Frontier Foundation (EFF), wrote in an email to Slashdot last month. “The Tor developers have been very clear over the years on the limitations of what Tor protects and from whom; at best Tor can make users’ origin and destination hard to link based on IP traffic data.”
Other tools—such as BitTorrent Sync, SpiderOak, Tarsnap, and Silent Circle—offer varying degrees of data encryption, with (in some cases) a tradeoff in usability. Some products on the market don’t store passwords or answers to password hints, for example, which can mean data is forever lost if the user misplaces or forgets their credentials. Those tools might not protect everyone from the latest and greatest in government anti-encryption, but it could help the security-conscious rest a little easier at night.