We have decided to use OwnCloud instead of continuing with Bittorrent Sync despite its breakthrough functionality, it’s rooted in preparatory IP rather than a commitment to open source software. It almost seemed to good to be true and other data exchange solutions with similar promise are available on better terms.
On the GitHub pages for the Debian package it states: “The source archive of this package contains nothing, since the original btsync binaries will be retrieved directly either from BitTorrent Inc. or alternatively from the maintainers site during package generation. The source archive of this package can be generated from scratch by executing make -f debian/rules get-orig-source. The original btsync binaries will be retrieved directly either from BitTorrent Inc. or alternatively from the maintainers site. See the get-orig-source target in the rules file”
On the Bittorrent Sync forums (here & here) a discussion around this issue took place over the last months, and a staff member stated that they still consider the option. In the meantime the Free Software Foundation has announced a free source Bittorrent Sync clone as a priority. Check out the wiki on SyncReplacement. In the forum the good old debate of free as in free beer vs. free as in freedom came up, referring to the Free Software Definition and the FOSDEM 2013 conference.
In the forum one user states that there “is a gaping security hole in BitTorrent Sync, and it appears the company has ignored the most prominent security threat that faces most of its potential users. One of the many lessons from the NSA scandal is that the successful way to beat encryption is through social engineering. Instead of hacking computers by brute force, the NSA and other spy agencies apply legal and fiscal pressure to obtain what they need. The international spy game is fiercely competitive, and it would be naive to suspect that the NSA has no interest in having direct access to the computer files of every American, since undoubtedly every foreign spy agency will want this information as soon as it is technologically and financially feasible. If we are unfortunate enough to experience a terrorist attack by an individual who used BitTorrent Sync for security, chances are very good that in the aftermath BT will be heavily pressured by the government into having btsync phone home with the secrets. This is independent of whether BT has already decided they’d like to have access to those secrets. Security against this attack vector cannot be guaranteed unless users can see the source code. It’s also worth mentioning that the primary concern *isn’t* necessarily that BT Sync users will be targeted by the government for unnecessary privacy violations. Edward Snowden has admitted to taking a job at Booz Allen Hamilton with the express purposes of making goverment secrets public. Thus we have clear evidence that — even if the NSA is just and secure — private security firms can be infiltrated by individuals with motivations that run counter to the motivation of the NSA. It seems likely that there have been other infiltrations of these security firms by more nefarious organizations. So even if we are entirely trusting of our government’s noble principles, the fact remains that the ability of BT Sync to transmit secrets home is a potential security hole that affects all of its users. Finally, we’ve seen some judges attempt to force defendents to decrypt their harddrives so that these drives may be searched. As of now, this legal point hasn’t been settled, and individuals might still have the ability to take the 5th amendment and refuse to decrypt their hard drives. What *has* been settled is that neither the 4th nor 5th amendment applies to information held for you by a third party. Thus if BT Sync for any reason has copies of your secrets, and you are being investigated for a crime (wrongly or otherwise) you have effectively no security from BT Sync. We need to know that BT Sync does not currently transmit secrets anywhere, and will never do so in the future. The only way we can really know these things for sure is to look at the source code.”