There a newly released third-party iOS client https://www.mobiussync.com. Unfortunately it closed source, which is what has stopped me from purchasing it (the free version is limited to 20mb sync).
I'm not too worried about the client being closed source, especially not when the server is open sourced.
For Syncthing there is of course the potential problem of the client leaking the secrets to the author, giving them unauthenticated access to the server.
Thanks for the pointer, i'll check it out, though i've had a "lifetime" license for Resilio for years, and it scratches my itch, so there's no pressure to switch.
I have used syncthing in the past for server to server synchronization, a task it performs extremely well, but previous attempts at creating a "road warrior" setup from iOS (with f:sync) all ended in clients taking minutes to connect to the backend, where Resilio would do it in seconds. I'll give it another try.
> I'm not too worried about the client being closed source, especially not when the server is open sourced.
> For Syncthing there is of course the potential problem of the client leaking the secrets to the author, giving them unauthenticated access to the server.
Yes, that is the risk. It is significant because the credentials entered into the closed source Mobiussync app (that wraps the open source Syncthing node) would allow the author (if malicious, which I have no reason to believe they are) to access all of your files (even if your other nodes are behind firewalls, by design).
Now, I’d like to believe Mobiussync is doing the right thing. It aligns with their economic interests to not steal credentials, since nothing would kill their app sales faster if found out. I imagine it also would be easy to detect if the app was exfiltrating credentials by monitoring app communications. I’ve also read the announcement post: https://forum.syncthing.net/t/isyncthing-ios-client-for-sync... and appreciated the way the author engaged with the Syncthing community here: https://forum.syncthing.net/t/mobius-sync-ios-client-now-in-... . Based on my assessment of their conduct and the factors above, I feel almost certain Mobiussync does the right thing by its users.
But economic incentives change, authors change, bugs in code happen, and a good feeling is not the same as verifiability. The risk may be small but at stake is all your data.
I’d certainly pay more than the (very reasonable) price the authors ask for, for the additional peace of mind given by open source.
I just purchased it as well. It's less than a cup of coffee, and most importantly not subscription based.
I may or may not use it (gonna evaluate Syncthing to replace Resilio), but at least i can support the developer for making a thing that was VERY much needed.
