Why We Use Syncthing, The Open Source Private File Syncing Tool instead of NextCloud

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

I've been using sink thing for well I did a video about a three years ago but I know I was using it maybe a year or two before you do the video the project's been around awhile I've been using it for a while it is a great project and it still might go to system for how I sink all my data between my desktops my laptops or even my servers now you're probably saying well Tom didn't you do a video on next cloud and why don't you use next cloud it's an amazing project in gear not wrong next cloud is outstanding as a project I don't know of any flaws and security-related but we're gonna talk about why I use syncing versus next cloud and it comes down to I know next clouds convenient but syncing has a smaller threat surface and that is a big factor in the data that we're synchronization is how much exposure do you want to have if you're not fair as the term threat surface its own around a lot insecurity because threat surface refers to you know just how big your risk is what are all the attack factors that could be attacked with same thing it's much much narrower and much easier to man manage the threat surface versus next cloud before we dive into that topic a little deeper with sink thing let's think a sponsor of the channel so this is IT training you'll want to watch with IT pro TV these people are great they have some excellent plans and we reached out to them we weren't pursued by them as a sponsor we pursued them to sponsor us and one of the reasons why is we just kind of figured with me doing all the IT training people at least go how can I learn more how can I get certified how can I dive deeper into a topic that you don't have time to cover you just don't know time and that's true I don't know we use ITT IT Pro TV for a bunch of our training my staff uses it here they all have accounts as part of the business plan as part of the offerings we encourage everyone to keep going and furthering their knowledge and they have an entire class related slightly to what we're talking about today when we talk about reducing threat surface intro to Incident Response part 3 they have an entire series for it the each counselor certified instant Handler and there's a lot that goes into the stay offer computer hacking and forensics investigation incident handler certified encryption specialist these are things that are really handy to know and knowledge of how security works and some of the functional you know especially when it comes to the legal side of it is really important and of course as we're talking about reducing our threat surface here they're gonna have a lot of discussion about you know all the different methods of attacking after you're done watching something like that you frequently go how can I reduce my threat surface the more time you spend in security these more time you spend thinking about it so check out IT Pro TV we have links to them and many other sponsors of this channel down in the description below alright let's jump over and talk about these topics protecting your data the self hosted productivity platform that keeps you in control now I really do like next cloud as a project they do have a ton of features they have a lot of big companies ISM it's a well mature updated project it means it does get a lot of attention if there were a security flaw in it so you despite having a lot of exposure you're running an entire web server that you're allowing internet access to to synchronize not just files but be able to collaborate and documents that is a wonderful feature of next cloud I really like it from that standpoint I mean you've got calendar sharing everything else I really do like the project what do I use syncing for instead though well the only real crossover between next cloud I mean next time supports file synchronization but of course that's the only thing sync thing does without all those fun fancy features obviously you just have less to update and less risk and for my use case it works really well so the same thing projects been around for a long time I've been using it for a long time it's one port with TLS security synchronizing files now it doesn't get into the side of encrypting any of those files it doesn't get into the side of encrypting data at rest it's a transport method to synchronize files all the transport layer it uses is very well secured and it will go over the security principles real quickly how it works which their documentation by the way is quite in-depth and well-written so security is one of the primary goal project goals this means that it should not be possible for an attacker to join a cluster uninvited and it should not be possible to extract private information from the intercepted traffic currently this is implemented as follows and what they're saying here is they have a that is not not easy to crack with TLS so if you wanted to join my group of sinking vial synchronization you would need to have that encryption key not only would you have to have it even after you have the encryption key that you use to get to one sync thing join to another same thing there is still a series of prompt system same thing that someone has your encryption key and they would like to join and then it takes manual action on your part to get the system to join and then another manual action to share those files this can be more automated you can force levels of automation into it once you've shared the key to auto join certain things but that would obviously reduce the security so I have it set to the normal stock method which default is it's not going to just allow someone so even if I were to show you or let you have access to my keys and the IP addresses that connect us it still wouldn't join without me manually intervening right there it's obviously a lot more challenging to get in other things I do on my sync things I know the IP addresses of the machines well I have static machines I have a FreeNAS here and I have another sync thing set up at an off-site location that has a static address my laptop is all over the place so it has a dynamic address but via a VPN into the office I can always get back to my sync thing servers and sync things that being said I turn off global discovery NAT traversal local discovery and relaying I just don't need those features this specifically is our local FreeNAS that we have here and it keeps everything up to date as I create files I have it running on my laptop ever running on my desktop and this allows me to immediately as soon as I make a change to a file it senses that change and unchanged propagates across all the locations and that change has revision and I've got a few videos where I dive deeper into some of the strategies for using it right now even you notice that it says studio videos updated 20 19 10 6 11 4 I even have our studio computer which is actually right behind the camera there well technically it's off to the side but details it as the files are created when I create this video we're using the OBS stream deck I've got a whole detailed of how my studio works as well as videos get created they also get synced to a folder on the FreeNAS where my videos reside so they are getting copied off the local workstation immediately over to the FreeNAS that we want to go on my office and edit all the files are there immediately so it works for synchronizing those for my server backups it is constantly as the server's create files not the whole VM they create an encrypted file on the server once the file server is got this file it's encrypted password-protected it then drops it over on the freeness and the encryption key only lives on the server so then sync thing finds a new file and it synchronizes this encrypted file even I use unify a lot so even they unify every hour creates these data files so the same thing takes care of that and the data files are actually really small as despite how big our deployments are it's not that much to sync so keeping them synced hourly and then of course replicated off-site that way if anything catastrophic happens to the building although this is replicated off-site and from off-site again its replicated again at my house so it now lives in multiple locations in real time plus if you were to delete all of them here it would propagate to delete at the other locations but there's a 30-day hold at all the locations where you can do revision referred to as trashcan provisioning so anything gets in a trash it just holds on to that trash for 30 days I usually notice if something's missing for 30 days even my business documents here there's really not that many business documents it takes to run a company some spreadsheets and things like that as I edit my financials here on my laptop they get synched other things that are synced it says updated top five command history and if you followed tweet I did I'll even show you what this is someone tweeted out a really simple script and I was like this is clever so this is the top five command history and I was in my laptop I seen it I went and copy-paste of the script and ran it in here I'm like I like this I might use this once a while to see what my top five commands are maybe top ten maybe I'll tweak it later but then you know it's just I created it real quick while I was sitting in my laptop and now it's at all the locations and it's back up my desktop if I wanted to do something else on it and this actually goes for all the batch scripts that get created in here anytime I have something that I need created I'll create a script down there and because I can set this up and you can set sinking up to sink specific folders if I have just these bash scripts that I need because of another project I'm working on for another video I just put the scripts I need in there and then I can also just load sink thing really quickly on that particular project VM and all of my bash scripts are immediately synced to it making it once again very simple so sink things really very much just file sinking and because it's file sinking and I have easy to find static addresses when you could build your server in the cloud and encrypt it you could have a FreeNAS box that runs it at home or if even a FreeNAS box at work and you know so much the way I have it and just have those two talking to each other you're only exposing one single port the software auto-updates the software's really well-documented the encryption is standard TLS so they're using normal they didn't try to reinvent the wheel with encryption they're using solid encryption libraries and it's very very lightweight so it takes almost nothing to have it running on your system and once you turn off things like local discovery you've also removed some more options for people to find you because it's not just broadcasting out there but maybe you need those features and even if you need them other than them knowing is in them being people that can join your network or see your network traffic that you're using same thing you're really not that insecure so it's a solid product I really like it maybe I'll do an updated videos I realized it was three years ago since I did like how to get started with syncing video but they haven't really changed much over the years the same methodologies work this project has matured it has gotten better faster more efficient matter of fact that's one thing I probably should do an update video on it when you look at the feature set now versus a feature set three years ago definitely they've improved the way they do file watching is become more accurate and faster and by the way this is completely cross-platform so even if I have a Windows project where I need to synchronize some of the files I can spin up a Windows VM load sync thing on there and it will synchronize between the Windows computers we've actually set this up for clients we've set this up for people who want to have kind of a cloud agnostic I should say so they're like I don't really want it in the cloud I'm not sure I want to be dependent on someone else's protocols or their terms and conditions and by the way we've worked with a handful of companies that have engineering secrets so they don't even like any type of remote access they want their two facilities to synchronize you know specific documents like engineering things and so to speak secrets that they work on without having to have a third party that can see that data there's ways to do that by encrypting it before you send it to Google Drive before you send it to Dropbox or whichever company it was same thing all my data's encrypted at rest on my laptop when I close the lid and sync things just a transport layer between the two so it's not involved in that and no third party has to be involved at all they do have some global discovery servers if you need natural versal and things like that it does support so you don't have to open any ports that is a feature that you can do with sync thing with your global discovery and relay servers that they offer for free so you have options if you're out in a field they even have a phone app at least for the Android so you don't have on anything that I'm not to my knowledge for iPhone anymore but it's a great project check it out I'll leave links below where to get this and thanks for watching and thank you for making it to the end of the video if you like this video please give it a thumbs up if you like to see more content from the channel hit the subscribe button and hit the bell icon if you like youtube to notify you when new videos come out if you'd like to hire us head over to lawrence systems comm fill out our contact page and let us know what we can help you with and what projects you like us to work together on if you want to carry on the discussion hetero to forum style or insistence calm where we can carry on the discussion about this video other videos or other tech topics in general even suggestions for new videos they're accepted right there on our forums which are free also if you like to help the channel on other ways head over to our affiliate page we have a lot of great tech offers for you and once again thanks for watching and see you next time

Info

Channel: Lawrence Systems

Views: 139,863

Rating: undefined out of 5

Keywords: open source, cloud storage, file sharing, file sync, file sharing between two computers, Open Source Private File Syncing Tool, file synchronization, freefilesync, sync, syncthing, syncthing tutorial, syncthing freenas, syncthing vs nextcloud, syncthing setup, syncthing windows, syncthing android, linux, ubuntu, tutorial

Id: bNiiJe8NpEw

Channel Id: undefined

Length: 13min 0sec (780 seconds)

Published: Sun Oct 06 2019