Great question. I forgot to mention but at this point syncthing is only accessible on my WiFi at home. No VPN to it and no remote locations.
Comment on Syncthing alternatives
NaibofTabr@infosec.pub 1 week ago
Ah, just one question - is your current Syncthing use internal to your home network, or does it sync remotely?
Because if you’re just having your mobile devices sync files when they get on your home wifi, it’s reasonably safe for that to be fire-and-forget, but if you’re syncing from public networks into private that really should require some more specific configuration and active control.
ZeDoTelhado@lemmy.world 1 week ago
Onomatopoeia@lemmy.cafe 1 week ago
Syncthing runs encrypted anyway.
NaibofTabr@infosec.pub 1 week ago
Encrypting the connection is good, it means that no one should be able capture the data and read it - but my concern is more about the holes in the network boundary you have to create to establish the connection.
My point of view is, that’s not something you want happening automatically, unless you manually configured it to do that yourself and you know exactly how it works, what it connects to and how it authenticates (and preferably have some kind of inbound/outbound traffic monitoring for that connection).