External security audit

Syncthing is used by many users for - I would suggest various things that these users would like to keep secret (otherwise thy could use Bittorrent-Sync instead).

What do you thing about an external security audit for the syncthing components (protocol/Application/App/announce-server/etc)?

Is syncthing ready for this?

I know - this will cost money, maybe croudfunding would be a a way here…

Regards, Schuft69

I personally think that v1.0 should be released first. Too many things may change before. Syncthing uses TLS for traffic protection, so I guess the audit would rather be about the implentation then about the TLS itself.

It would be great if you could organise a external security audit. :+1: