I am using Syncthing 0.9 on several machines. Today, when I installed it on a new one, I experienced a very strange behaviour. Syncthing added a node with the strange name SDU5WI programmatically. And it even shared all of my repositories with this unknown node! After I deleted the node, the same thing appeared again. So I had to shut down Syncthing on all my computers and will never use it again till someone can explain to me what that does mean. Who is gaining access to my files here? How could such a thing ever happen? By the way: with the newest Version, 0.10.0, that was released today, it happens as well.
This is the introducer feature. One of your nodes has the node SDU5WI added, and since this node is marked as introducer, it shares this relationship with other nodes which then add the node and share repos.
You can switch off introducer functionality on all the nodes and it will go back to the way it was before.
Thank you for the fast replay. I could now recognize the node by its ID. But for no professional users like me, this useful feature should use the same name for the node as the original name. ›SDU5WI‹ was a random name and not the name I gave to the node.
Problem is, name isn’t known at this stage. The real name would appear when they connected. But this could perhaps be extended in the future…
I noticed that introducer functionality is enabled by default for new nodes (in v0.10.0).
This is really bad, especially for new users who don’t know what it does, and also for anyone who is used to an older version and doesn’t check all the options.
1 Like
I personally think in the longer term I’d want it to be on by default, as it makes peoples life easier. I guess people will have to go through this initial shock in order to get used to it.
But maybe there should be a note on these nodes, saying that it was added programmatically, referencing to the original node that introduced it and introducing the introducer feature. Shoks could be contra productive, as we are talking about software dealing with your personal data…
1 Like
I’m not sure if it always makes sense. Eg I might have a folder shared with a friend, but I don’t want to add all his friends to my known devices.
Then you shouldn’t mark your friend as an introducer as you are adding him?
Exactly, and that’s why I think it shouldn’t be enabled by default (only by conscious decision).
You only add the connected devices from your friend, when your friend shares the same folder with them. If they have access to the same data, why not also download/share from/with them?
Only because you add more devices doesn´t mean that they can get any data from the other folders from your device.
I think that a larger proportion of Syncthing’s use cases are different devices of the same individual just keeping data in sync, and in this case the introducer flag on by default makes complete sense.
I think this friend to friend sharing is I believe a smaller proportion, and therefore having the flag off by default would introduce an extra click for the majority of users.
Because we already have torrent software to perform the task of anonymous file sharing.
Syncthing in my opinion, is for private syncing - and once we let it go viral (my folder can be shared with friends of friends of friends etc. …) all sense of privacy and control is gone.
Example: I add a friend (introducer flag = on) and share a folder, so we can add our photos of a recent vacation we took together. There is no “Master” device, as we both wish to add pix into the shared folder. Unknown to me, my friend decides to share the folder with his friends, and he keeps the “Master” setting off. One of those friends decides to delete the contents of the folder, and replace the files with photos of his pet dog. When the next sync propagation occurs, the photo folder on my device is wiped clean, and now I have an unknown person’s doggie pix on my machine.
The flexibility of syncthing is awesome, but for those who want to maximize privacy, the convenience features that broadcast metadata across connected devices should be set at default off.
I agree that most use cases are a person’s own devices, but I still think introducer flag should be off by default to protect those who decide to share with other people.
I think that a larger proportion of Syncthing’s use cases are different devices of the same individual just keeping data in sync
Although that is not necessarily true for other systems that might be using Syncthing 
(For Ind.ie, the use cases are probably 50/50 and the it could be disastrous if people end up sharing things with people they never intended to.)
The only remedy I have for this situation at present came from @calmh : one folder to be shared among all devices I trust implicitly (devices are mine), and a separate folder (same content) shared with a friend. This way, no unknown person can mess up my private folder.
If your friend add his friends, and there is no introducer flag:
… the photo folder on your friends device is wiped clean, then your device is wiped clean. Then you have again an unknown person’s doggie pix on your machine.
Exactly.
This also means, you can have the introducer flag, because the additional devices will not change or delete files, if they are only introduced.
So I think your argument about this chain effect is completely valid, and basically all it takes is for 1 device to be compromised or make a mistake my selecting the wrong option and the whole trust goes to waste.
Perhaps you are right, I withdraw my opinion of it being on by default, and suggest we make it off by default. I guess its a It’s a feature of comfort, and we can afford to make a extra click to get the comfort.
@bigbear2nd You’re right. Introducer flag or not, the doggie pix situation can only be prevented by using separate folders when you share with other people.
LOL! Took a while for this to sink in and take hold in my mind. 
On 2nd thought, @bigbear2nd makes a valid point. The threat to privacy is independent of the introducer default setting. The security comes from separating those folders which you wish to keep private (on your personal devices) vs those folders you will allow to go viral.
Sorry to flip-flop on this issue - but I think bigbear2nd has it right, and I was wrong.
I am glad to help
Works for me.