Listen it’s just my personal position that I want to OWN my notes completely and without exceptions. And about the security:
Are there any independent studies on the forward secrecy?
If 1 is false, how about bad actor attacks? Yes I know they can hack your home server but hey you can make it LAN only right?
EDIT: Imagine downvoting personal preferences
quoted from here https://docs.syncthing.net/users/security.html
Security Principles
Security is one of the primary project goals. This means that it should not be possible for an attacker to join a cluster uninvited, and it should not be possible to extract private information from intercepted traffic. Currently this is implemented as follows.
All device to device traffic is protected by TLS. To prevent uninvited devices from joining a cluster, the certificate fingerprint of each device is compared to a preset list of acceptable devices at connection establishment. The fingerprint is computed as the SHA-256 hash of the certificate and displayed in a human-friendly encoding, called Device ID…
Relay Connections
When relaying is enabled, Syncthing will look up the pool of public relays and establish a connection to one of them (the best, based on an internal heuristic). The selected relay server will learn the connecting device’s device ID. Relay servers can be run by anyone in the general public. Relaying defaults to on. Syncthing can be configured to disable relaying, or only use specific relays.
If a relay connection is required between two devices, the relay will learn the other device’s device ID as well.
Any data exchanged between the two devices is encrypted as usual and not subject to inspection by the relay.
Web GUI
If the web GUI is accessible, it exposes the device as running Syncthing. The web GUI defaults to being reachable from the local host only.
In Short
Parties doing surveillance on your network (whether that be corporate IT, the NSA or someone else) will be able to see that you use Syncthing, and your device IDs are OK to share anyway, but the actual transmitted data is protected as well as we can. Knowing your device ID can expose your IP address, using global discovery.
Protecting your Syncthing keys and identity
Anyone who can access the Syncthing TLS keys and config file on your device can impersonate your device, connect to your peers, and then have access to your synced files. Here are some general principles to protect your files:
If a device of yours is lost, make sure to revoke its access from your other devices.
If you’re syncing confidential data on an encrypted disk to guard against device theft, put the Syncthing config folder on the same encrypted disk to avoid leaking keys and metadata. Or, use whole disk encryption.
^ quoted from here https://docs.syncthing.net/users/security.html
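As an added example (not Syncthing's own code, and not posted by anyone in this thread), here is how the fingerprint check the quoted Security Principles describe can be expressed in Go, the language Syncthing is written in: hash the peer's DER certificate with SHA-256 at connection establishment and refuse the handshake unless that hash is on a preset allowlist. The function and type names (Fingerprint, Allowlist, Verify, TLSConfig, SelfSignedCert) are hypothetical, the certificate is constructed inline so the program runs offline, and the hash is shown as plain hex rather than Syncthing's real human-friendly Device ID encoding.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// Fingerprint returns the SHA-256 hash of a DER-encoded certificate as
// lowercase hex. Syncthing shows the same hash in its own human-friendly
// Device ID encoding; plain hex is used here as a stand-in (assumption).
func Fingerprint(der []byte) string {
	sum := sha256.Sum256(der)
	return hex.EncodeToString(sum[:])
}

// Allowlist is the preset list of acceptable device fingerprints.
type Allowlist map[string]bool

// Verify has the shape of tls.Config.VerifyPeerCertificate. It accepts the
// connection only if the peer's leaf certificate fingerprint is on the list;
// no CA chain is consulted because every device uses a self-signed cert.
func (a Allowlist) Verify(rawCerts [][]byte, _ [][]*x509.Certificate) error {
	if len(rawCerts) == 0 {
		return errors.New("peer presented no certificate")
	}
	fp := Fingerprint(rawCerts[0])
	if !a[fp] {
		return fmt.Errorf("unknown device fingerprint %s: refusing connection", fp)
	}
	return nil
}

// SelfSignedCert builds a throwaway self-signed certificate (constructed for
// the example) standing in for a device's own Syncthing certificate.
func SelfSignedCert() ([]byte, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "syncthing"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	return der, key, nil
}

// TLSConfig wires the allowlist into a TLS endpoint: the standard CA chain
// check is switched off and replaced by the fingerprint check, and the peer
// must present a certificate so the check always runs.
func TLSConfig(der []byte, key *ecdsa.PrivateKey, allow Allowlist) *tls.Config {
	return &tls.Config{
		Certificates:          []tls.Certificate{{Certificate: [][]byte{der}, PrivateKey: key}},
		ClientAuth:            tls.RequireAnyClientCert,
		InsecureSkipVerify:    true, // chain validation replaced by VerifyPeerCertificate
		VerifyPeerCertificate: allow.Verify,
		MinVersion:            tls.VersionTLS12,
	}
}

func main() {
	der, key, err := SelfSignedCert()
	if err != nil {
		panic(err)
	}
	fp := Fingerprint(der)
	fmt.Println("this device's fingerprint:", fp)

	trusted := Allowlist{fp: true}
	fmt.Println("known device accepted:", trusted.Verify([][]byte{der}, nil) == nil)
	fmt.Println("unknown device rejected:", Allowlist{}.Verify([][]byte{der}, nil) != nil)

	cfg := TLSConfig(der, key, trusted)
	fmt.Println("TLS config requires client cert:", cfg.ClientAuth == tls.RequireAnyClientCert)
}
```

The point of the design is that trust is pinned to the certificate itself, not to a CA: a device that presents any certificate whose hash is absent from the list is turned away before any application data flows, which is why the quoted docs say an uninvited device cannot join and why losing a device means removing its ID from the other devices' lists.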
I don’t know of any particular security audits off the top of my head, but I know of a lot of very intelligent computer people who think Syncthing is reasonably trustable (as far as you can trust computers…).
Yes, Syncthing does not require internet just a local network, you can build a cabin in the middle of Alaska with no reception of any kind, hook up a solar panel, plug in a router, connect computers and phones with Syncthing software on them and BOOM you are in business. The devices will likely just show up as nearby device_ids that you can just click on in the web gui interface. It is enragingly simple given how obtuse, incompatible or insecure most other alternatives are.