X-Date: 2024-09-30T01:21:18Z
X-Note-Id: bb503005-a70b-4b26-903d-2eb721b78b89
Subject: SyncThing now has encrypted servers
X-Slug: syncthing_now_has_encrypted_servers

[SyncThing](https://syncthing.net/) is a file synchronization tool that allows you to sync
stuff across your computers and mobile devices. It doesn't have a "cloud" component, and
works peer-to-peer between devices you own.

Overall, it works quite reliably except in cases where there is no device that is always on.
In that case, if you change a file on two devices that were on and connected at non-intersecting
intervals of time, you'd get a conflict.

The way to solve this problem is to install an instance of SyncThing on a VPS. This will mean
that the VPS always contains up-to-date data and solves as a tie-breaker. But as soon as
you do this, your data will be available on the VPS's disk. If someone breaks into the VPS,
they can steal your data. Because the VPS is exposed to the internet a lot more than your
phone or desktop and runs on someone else's hardware, it has a higher risk of leaking data.

Apparently now SyncThing has [suport for untrusted/encrypted devices](https://docs.syncthing.net/users/untrusted.html).
In this mode, other instances will encrypt data when sending it to the untrusted device, and unencrypt on receipt.
This removes the problem of the VPS leaking sensitive data. Even if someone breaks into it, all they see is files
with what looks to them as random data, and with non-discernible names.

There are alternative synchronization options like [NextCloud](https://nextcloud.com/) which also have
end-to-end encryption, but most of them have a lot of functionality. And the more functionality there is -
the easier it is to exploit. So if you don't specifically need what NextCloud provides, you'd be probably
better off just using SyncThing.