{"id":3709,"date":"2025-06-27T15:41:15","date_gmt":"2025-06-27T19:41:15","guid":{"rendered":"https:\/\/slice.peeza.app\/?page_id=3709"},"modified":"2025-07-18T17:18:49","modified_gmt":"2025-07-18T21:18:49","slug":"technology","status":"publish","type":"page","link":"https:\/\/slice.peeza.app\/fr\/technology\/","title":{"rendered":"The file transfer app that minds its own business."},"content":{"rendered":"<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-c24eaef3 wp-block-columns-is-layout-flex\" style=\"margin-top:0;margin-bottom:0\">\n<div class=\"wp-block-column left-side-navigation hide-on-mobile is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:33.33%\">\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/slice.peeza.app\/fr\/technology\/#authentication\" title=\"Security\">Authentication<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/slice.peeza.app\/fr\/technology\/#transfers\" title=\"\">Transfers<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/slice.peeza.app\/fr\/technology\/#temporary-transfer-data\" title=\"\">Temporary transfer data<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/slice.peeza.app\/fr\/technology\/#logs\" title=\"\">Minimal logging<\/a><\/li>\n<\/ul>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:66.66%\">\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-block-group-is-layout-constrained\"><h1 class=\"wp-block-post-title\">The file transfer app that minds its own business.<\/h1>\n\n\n<p class=\"wp-block-paragraph\">Peeza provides an easy way to send files from one computer to another across operating systems. Data transits&nbsp;securely&nbsp;from one computer to another using the fastest route with as much bandwidth it can find. No copy in the cloud.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"authentication\">Authentication<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Peeza uses social login (e.g., Google, Apple) for secure authentication. We do not store, access, or share any personal information beyond your public username provided by the social service. No passwords or additional personal data are collected or retained.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"transfers\">Transfers<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Peeza uses the open-source <a href=\"http:\/\/syncthing.net\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Syncthing<\/a> protocol to transfer files directly from one computer to another\u2014without storing anything on cloud servers. All transfers occur over TLS 1.3 encrypted connections, which protect against eavesdropping, tampering, and impersonation. Each device is cryptographically authenticated, and all communication is fully encrypted end to end.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">To optimize speed and efficiency, Peeza relies on <a href=\"http:\/\/syncthing.net\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Syncthing<\/a>\u2019s block exchange mechanism. Instead of sending entire files, files are split into fixed-size blocks, each identified by a cryptographic hash. Only blocks that are missing or outdated on the receiving device are transferred, reducing bandwidth usage and ensuring data integrity.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">1. TLS 1.3<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"http:\/\/syncthing.net\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Syncthing<\/a> is written in Go (Golang) and uses Go\u2019s native <code>crypto\/tls<\/code> package, which provides a full TLS 1.3 implementation as of Go 1.13+. This means it benefits from a battle-tested, standard-compliant TLS stack without relying on OpenSSL or other C libraries.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">2. Mutual Authentication<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">Unlike many TLS implementations that only verify the server, <a href=\"http:\/\/syncthing.net\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Syncthing<\/a> performs <strong>mutual TLS authentication<\/strong>:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Each device has a unique X.509 certificate<\/strong>, self-signed and generated upon first startup.<\/li>\n\n\n\n<li>During a connection handshake, <strong>both peers verify each other&#8217;s certificates<\/strong> to ensure the identity of the connecting device.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">3. Certificate Fingerprints<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">Each device has a static certificate (typically stored in <code>cert.pem<\/code> and <code>key.pem<\/code>). The SHA-256 hash of this certificate\u2019s public key (the \u201cDevice ID\u201d) is what identifies the device in the <a href=\"http:\/\/syncthing.net\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Syncthing<\/a> network.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This means:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Only explicitly trusted devices (whose fingerprints match) can connect.<\/li>\n\n\n\n<li>You can think of this as a built-in whitelist based on certificate fingerprints.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">4. Connection Flow<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A device wants to connect to another device.<\/li>\n\n\n\n<li>The TLS 1.3 handshake occurs, with both sides presenting certificates.<\/li>\n\n\n\n<li>If the certificates are valid and match known device IDs, the connection is allowed.<\/li>\n\n\n\n<li>From that point, all data is encrypted using TLS 1.3.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">5. No CA or PKI<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"http:\/\/syncthing.net\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Syncthing<\/a> doesn\u2019t use a certificate authority (CA) or public PKI:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>All certs are self-signed.<\/li>\n\n\n\n<li>Trust is based on manually exchanging Device IDs.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">6. Security Benefits<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Perfect Forward Secrecy (PFS)<\/strong> is guaranteed by TLS 1.3 by default.<\/li>\n\n\n\n<li><strong>Strong cipher suites<\/strong> only (no downgrade attacks possible).<\/li>\n\n\n\n<li><strong>No user credentials or passwords<\/strong> are sent over the wire.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"temporary-transfer-data\">Temporary transfer data<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Peeza uses direct, peer-to-peer (P2P) connections \u2014 your files never pass through or are stored on any cloud servers.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">All file transfers occur&nbsp;<strong>exclusively between sender and recipient devices<\/strong>, encrypted end-to-end. We do&nbsp;<strong>not<\/strong>&nbsp;store, view, or process the contents of your files at any point. Temporary data related to a transfer is only stored locally on your device and is automatically removed after the transfer is complete or discarded.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"logs\">Minimal Logging<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">In accordance with <a href=\"https:\/\/www.priv.gc.ca\/en\/privacy-topics\/privacy-laws-in-canada\/the-personal-information-protection-and-electronic-documents-act-pipeda\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Canadian privacy regulations<\/a> (PIPEDA), we maintain only the minimal technical logs necessary to operate our service securely and responsibly. These logs may include basic metadata such as connection timestamps and anonymized device identifiers.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">We do not store file contents, user activity, or any personally identifiable information beyond what is required for secure authentication (e.g., your social login username). Logs are kept only for a limited time and solely for the purpose of system maintenance, abuse prevention, or responding to legally valid requests from Canadian authorities.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">We are committed to protecting your privacy and ensuring that all data handling practices are transparent, proportionate, and compliant with Canadian law.<\/p>\n<\/div>\n<\/div>\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>","protected":false},"excerpt":{"rendered":"<p>Peeza provides an easy way to send files from one computer to another across operating systems. Data transits&nbsp;securely&nbsp;from one computer to another using the fastest route with as much bandwidth it can find. No copy in the cloud. Authentication Peeza uses social login (e.g., Google, Apple) for secure authentication. We do not store, access, or [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"wp-custom-template-no-titile","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"class_list":["post-3709","page","type-page","status-publish","hentry"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/slice.peeza.app\/fr\/wp-json\/wp\/v2\/pages\/3709","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/slice.peeza.app\/fr\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/slice.peeza.app\/fr\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/slice.peeza.app\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/slice.peeza.app\/fr\/wp-json\/wp\/v2\/comments?post=3709"}],"version-history":[{"count":67,"href":"https:\/\/slice.peeza.app\/fr\/wp-json\/wp\/v2\/pages\/3709\/revisions"}],"predecessor-version":[{"id":4158,"href":"https:\/\/slice.peeza.app\/fr\/wp-json\/wp\/v2\/pages\/3709\/revisions\/4158"}],"wp:attachment":[{"href":"https:\/\/slice.peeza.app\/fr\/wp-json\/wp\/v2\/media?parent=3709"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}