Nextcloud Planet

Welcome to Nextcloud News, our contributor blog roll. Nextcloud contributors should ask to get added!

Opinions are the responsibility of those who express them. See our privacy policy.

If you'd like to stay up to date with Nextcloud news you could also subscribe to our newsletter! A RSS feed with only release updates can be found here

Nextcloud GmbH joins the LOT Network
January 18, 2018

Nextcloud was founded on the idea that the true open source is great for business and home users alike. We joined the Open Source Business Alliance in Germany to help promote this idea and use openChain to validate our licensing model so our customers can rest assured our software is what we say it is.

The fastest-growing solution to the patent troll problem

A next, logical step, would be to address software patents. We’d like to announce that Nextcloud has formally joined the LOT Network, putting us in the company of businesses like Tesla, CISCO, ebay, Volkswagen, and Oracle.

What is the LOT Network

What does Nextcloud have in common with Lyft, Facebook, Amazon or Salesforce? As members of the LOT Network, we’re protected against over 800,000 patents that are or could end up in the hands of patent trolls!
The LOT Network protects its members from lawsuits from Patent Assertion Entities (PAE or Patent Trolls). When a member of the network sells or transfers a patent to a patent troll, all members are automatically granted immunity against lawsuits from that troll for the life of that patent.

This effectively neutralizes the threat of these nasty inhibitors of innovation! The Lot Network is a not-for-profit association of international companies, looking for any company, university or inventor to join. You can learn more about the LOT network and how it works on this page.

We’re very happy to join the team and help keep harmful trolls out of the software business!

read more

Nextcloud Events the coming weeks
January 17, 2018

The coming weeks, you’ll have a chance to meet Nextcloud at a variety of events across the globe. We’ll be in Poland, Germany, Singapore, and Belgium! Read on to find what’s where and when.

CS3 workshop: research and education in Poland

On January 29 in Krakow, Poland, the Department of Computer Science from the University of Krakow hosts the CS3 Workshop on Cloud Services for Synchronisation and Sharing. This event, co-organized by global research collaboratives CERN, ETHzürich, CYFRONET, SURFSARA, and AARNet, is sponsored by Nextcloud and several other cloud vendors. The event focuses on the needs of education and research: large amounts of data, users all over the world, easy collaboration and pushing the borders of scalability. With Global Scale, Nextcloud is uniquely positioned among the vendors to provide a solution for the needs of these organizations and this is thus one of the sessions on the program. Other Nextcloud sessions go into practical details. One covers scaling with Docker/Kubernetes, another covers best practices from Nextcloud customers including TU Berlin, SIEMENS, and a global mobile carrier.

On Tuesday, a panel on the future of File Sync and Share is hosted by the Nextcloud founder Frank Karlitschek, CERN’s Jakub Moscicki and David Jericho from AARNet.

Univention Summit 2018

Just a day later, on February 1st, the Univention Summit kicks off in Bremen. This event, organized by the team behind the Univention Server, has Nextcloud as one of its two Platinum sponsors and features a keynote by Frank Karlitschek as well as a table where people can ask questions. We’ll also do a workshop on running Nextcloud on your Univention server.

The Univention Summit this year has a focus on secure identity management and digitalization in education. The event has a presence of two dozen open source companies presenting their products and comes with workshops, talks, keynotes, and roundtables.


After the Univention Summit, FOSDEM starts. We blogged about it before: we have a booth and several talks including one on the main track by Frank. If you’re interested you can still join the booth team!

On March 10, the Chemnitzer Linuxtage kicks off and we’re looking for people to help at the booth we requested! There will also be a talk by Frank.

At FOSSASIA in Singapore, March 22-25, Frank will give a keynote about File Sync and Share, privacy, security and related matters.

Of course, we’ll be at many more events this year, keep an eye on our events page!

read more

Roeland Jago Douma
Introducing DropIt
January 15, 2018

A few weeks ago I was chatting with Tobias one of the Android engineers at Nextcloud. He mentioned how he oftened wanted to just share a file quickly with somebody or just share some text. Basically your own privately hosted pastebin.

This got me thinking about the amount of files that are stored on my Nextcloud that are just sitting there because I wanted to quickly share them with somebody but I forgot to delete them afterwrads. So long story short I decided to spend some time to write a little Nextcloud app that allows you to do this.

So I'm excited to introduce DropIt to the world. It is available in the app store for Nextcloud 13!

The app ties together a lot of functionality already available in Nextcloud. There is a simple interface to upload your files or text (any help on the UI/UX side is appreciated!). And a cron job that deletes files older than 2 weeks.

So go check it out. And I'm looking forward to all your pull requests to the github repository.

read more

Jos Poortvliet
Nasty fall-out from Spectre and Meltdown
January 12, 2018

I guess it's hard to miss Spectre and Meltdown so you probably read about it. And there's more bad news than what's been widely reported, it seems.

You trust the cloud? HAHAHAHA

What surprised me a little was how few journalists paid attention to the fact that Meltdown in particular breaks the isolation between containers and Virtual Machines - making it quite dangerous to run your code in places like Amazon S3. Meltdown means: anything you have ran on Amazon S3 or competing clouds from Google and Microsoft has been exposed to other code running on the same systems.

And storage isn't per-se safe, as the systems handling the storage just might also be used for running apps from other customers - who then thus could have gotten at that data. I wrote a bit more about this in an opinion post for Nextcloud.

We don't know if any breaches happened, of course. We also don't know that they didn't.

That's one of my main issues with the big public cloud providers: we KNOW they hide breaches from us. All the time. For YEARS. Yahoo did particularly nasty, but was it really such an outlier? Uber hid data stolen from 57 million users for a year, which came out just November last year.

Particularly annoying if you're legally obliged to report security breaches to the users it has affected, or to your government. Which is, by the way, the case in more and more countries. You effectively can't do that if you put any data in a public cloud...

Considering the sales of the maximum allowed amount of stock just last November by the Intel CEO, forgive me if I have little trust in the ethical standards at that company, or any other for that matter. (oh, and if you thought the selling of the stock by the Intel CEO is just typical stuff, nah, it was noticed as interesting BEFORE Meltdown & Spectre became public)

So no, there's no reason to trust these guys (and girls) on their blue, brown, green or black eyes. None whatsoever.

Vendors screwed up a fair bit. More to come?

But there's more. GregKH, the inofficial number two in Linux kernel development, blogged about what-to-do wrt Meltdown/Spectre and he shared an interesting nugget of information:
We had no real information on exactly what the Spectre problem was at all
Wait. What? So the guys who had to fix the infrastructure for EVERY public and private cloud and home computer and everything else out there had... no... idea?

Yeap. notes (in German) that the coordination around Meltdown didn't take place over the usual closed kernel security mailing list, but instead distributions created their own patches. The cleanup of the resulting mess is ongoing and might take a few more weeks. Oh, and some issues regarding Meltdown & Spectre might not be fix-able at all.

But I'm mostly curious to find out what went wrong in the communication that resulted in the folks who were supposed to write the code to protect us didn't know what the problem was. Because that just seems a little crazy to me. just a little.

read more

Frank Karlitschek
Nextcloud Talk is here
January 11, 2018

Today is a big day. The Nextcloud community is launching a new product and solution called Nextcloud Talk. It’s a full audio/video/chat communication solution which is self hosted, open source and super easy to use and run. This is the result of over 1.5 years of planing and development.

For a long time it was clear to me that the next step for a file sync and share solution like Nextcloud is to have communication and collaboration features build into the same platform. You want to have a group chat with the people you have a group file share with. You want to have a video call with the people while you are collaborative editing a document. You want to call a person directly from within Nextcloud to collaborate and discuss a shared file, a calendar invite, an email or anything else. And you want to do this using the same login, the same contacts and the same server infrastructure and webinterface.

So this is why we announced, at the very beginning of Nextcloud, that we will integrate the Spreed.ME WebRTC solution into Nextcloud. And this is what we did. But it became clear that whats really needed is something that is fully integrated into Nextcloud, easy to run and has more features. So we did a full rewrite the last 1.5 years. This is the result.

Nextcloud Talk can, with one click, be installed on every Nextcloud server. It contains a group chat feature so that people and teams can communicate and collaborate easily. It also has WebRTC video/voice call features including screen-sharing. This can be used for one on one calls, web-meetings or even full webinars. This works in the Web UI but the Nextxloud community also developed completely new Android and iOS apps so it works great on mobile too. Thanks to push notifications, you can actually call someone directly on the phone via Nextcloud or a different phone. So this is essentially a fully open source, self hosted, phone system integrated into Nextcloud. Meeting rooms can be public or private and invites can be sent via the Nextcloud Calendar. All calls are done peer to peer and end to end encrypted.

So what are the differences with WhatsApp Calls, Threema, Signal Calls or the Facebook Messenger?
All parts of Nextcloud Talk are fully Open Source and it is self hosted. So the signalling of the calls are done by your own Nextcloud server. This is unique. All the other mentioned solutions might be encrypted, which is hard to check if the source-code is not open, but they all use one central signalling server. So the people who run the service know all the metadata. Who is calling whom, when, how long and from where. This is not the case with Nextcloud Talk. No metadata is leaked. Another benefit is the full integration into all the other file sharing, communication, groupware and collaboration features of Nextcloud.

So when is it available? The Version 1.0 is available today. The Nextcloud App can be installed with one click from within Nextcloud. But you need the latest Nextcloud 13 beta server for now. The Android and iOS apps are available in the Google and Apple App Stores for free. This is only the first step of course. So if you want to give feedback and contribute then collaborate with the rest of the Nextcloud community.

More information can be found here and here







What are the plans for the future?
There are still parts missing that are planed for future version. We want to expose the Chat feature via an XMPP compatible API so that third party Chat Apps can talk to a Nextcloud Talk server. And we will also integrate chat into our mobile apps. I hope that Desktop chat apps also integrate this natively. for example on KDE and GNOME. This should be relatively easy because of the standard XMPP BOSH protocol. And the last important feature is call federation so that you can call people on different Nextcloud Talk servers.

If you want to contribute then please join us here on github:

Thanks a lot to everyone who made this happen. I’m proud that we have such a welcoming, creative and open atmosphere in the Nextcloud community so that such innovative new ideas can grow.

read more