@Eddy2909 can you explain to me exactly why and how you think tor is relevant here?
I think Eddys point is that Tor is all about using untrusted peopleās servers.
Which, to be fair, has proven to be a very bad idea multiple times. Running an exit node and inspecting all traffic for email or clear text credentials is fun.
But, and Iām repeating myself here, Syncthing is not and has never been about communicating anonymously. Itās about syncing files between your devices, or with devices belonging to your trusted friends.
3 Likes
Agreed. If someone wants to proxy discovery server connections through tor, thatās (probably?) possible. Thereās no point in us reinventing the wheel for software which had much higher priorities right now.
Thanks Audrius. Please help me understand this.
When I look at the UI, I see that I can configure N>1.
However I am also suggesting a future enhancement where we can specify which discosrv is used on a per device basis.
2 Likes
Yeah. I think you could (today) use something like a public device that uses the official server, a private device that uses your private one, and a hybrid that talks to both. The hybrid one will be able find both of the others. The public server will never gain any knowledge about the private device.
Your āper deviceā setting would only control who to ask for what IDs, but itās essentially free to ask a server that does not know about it, and doesnāt reveal any relevant information to the server.
The per device setting wouldnāt help with restricting announcements, so your private device still needs to talk only to the private discovery server.
1 Like
surely, you can sniff the packages of one or if you have too much time several exit servers or tor-relays - but you will never be able to take down the whole tor-network because its distributed. If you would like to disturb or take down syncthing ānetworkā you only would need to attack one single point. in our example it would be enough to use one infiltrated discosrv - to gain all data right? thats why I DO LOVE the idea of @calmh with dht.
idea: what if there was a dht network of discos āaboveā all devices.
usecase: if Iām adding for example 5 discos to a devices settings. what if my device divides and spreads his id:ip hash of data or whatever it is called and sends it to those 5 discos. if some new devices want to join my devicenetwork they need to use the same 5 discos to get the whole and neccessary data. the problem: what happens, if one of them is down - they need to have a redundancy right?
would this be difficult/possible to realize?
As Iāve explained, there is no reason to do that, and I donāt see the value this would bring.
You are completely contradicting yourself. First you wanted anonymity, now you want DHT, which is the opposite of anonymity, as everyone knows everything without effort.
If we run 5 discos, having 1 disco up is enough for peers to find each other, given all devices use the same 5 discos.
It seems you just want to make people to implement something, without providing any justification, on a it sounds cool basis.
just read about dht, there are two ways:
- spread and divide the data or
- give all discos all data
is that false? if not I was talking about the first version - by that we would gain some kind of anonymity (by saving only useless data-parts) and security (by distribution).
You both have suggested some ideas that I will test. I have never configured N>1 discovery servers in my local device settings.
Thanks!
1 Like
I may be wrong, but my understanding about how his works is that you connect to a few nodes of the DHT and broadcast your queries to them, and they relay them towards the nodes that may have the answer and so on. Iām not sure how difficult it is to engineer this so that I control one of the devices close to you, to be able to intercept the queries and inspect them. It doesnāt seem infeasible, but I could be wrong.
1 Like
my current disco settings:
one rpi running disco and the public one until the second rpi is online. then I will switch using both rpi-disco servers. just for reliability 
Cool, thatās exactly the intention that people should be able to do that. Go for it.
yeah I will - but thats only a solution for me 
what about Emiliy B. from A.?
you mean like dns?
Look, this is getting tedious and Iām checking out for the night. So, Iām implementing discovery over tls. Iāll look at adding a server or two, that doesnāt hurt. Iām not going to implement a DHT discovery, because I donāt see the point and i donāt understand it well enough. If someone else does and contributes it, and itās provably superior in some way, Iāll happily merge it and use it.
I think thatās all on this topic from me for the moment.
I am back with my Private vs Public discosrv questions. I think a graphic will explain my issue, so here goes:
In the illustration above, devices A,B,C share some ātop secretā stuff using a Private discosrv. Device C (thatās me) adds a 2nd discosrv (public), and shares some family photos with devices D and E. Everything works, and devices A and B can never discover D and E and vice-versa.
In the diagram below, the owner of device A (not me) later decides to add a 2nd discosrv (public) and share some music files with his friend F.
Now my question: Since both devices C and A are configured to use 2 discosrvās (1 private + 1 public) ā¦ is it possible to configure so that the discovery between A-C continues via the Private discovery server only?
The way it is now (and thatās the way Iād like it to stay) is that it will look for everyone everywhere, concurrently.
So in the first case, C will look for A, B, E, D on both public and private disco, but obviously will only find them on the ones they are participating on. So the public disco will get a request for C looking for A but not get a response. Again, Aās ID is just a hash of some random piece of information, so you canāt pin it to anyone.
In the second case, same case will happen, though through which server C will resolve A will depend on latency and gods of random numbers.
This might not be exactly the way I wish it could be - but now I fully understand the way it is now.
Thanks for walking me thru this ā¦ 
like calmh said, syncthing is for you syncing files with people you trust, if you donāt trust discosrv, then donāt use any discosrv, you donāt require a discosrv for connection, I tested it.
my 80+ computers running on both public and private network, and even with a discosrv running on a computer that connects with both network they just canāt communicate with each other, if you worry about your IP being transfer to malicious place, secure your own connection.