Welcome to Nextcloud News, our contributor blog roll. Nextcloud contributors should ask to get added!
Welcome to Nextcloud News, our contributor blog roll. Nextcloud contributors should ask to get added!
Many Software-as-a-Service companies from abroad are currently setting up European data centers, often together with European partners. With this, they hope to ease the growing European concerns around privacy, data protection and complying with existing and upcoming regulations like the EU General Data Protection Regulation (GDPR). But recent developments in US courts show this to be a risky proposition: the problem of privacy is far from resolved by ‘just’ putting data in Europe. For companies betting on Privacy Shield, using services from US companies directly or through an intermediary storing data in Europe, all this is very bad news.
In January, the Privacy Shield agreement was shaken to its foundations when newly minted US president Donald Trump signed an executive order stripping non-citizens of privacy rights.
Just two days before President Trump signed his executive order, Microsoft Ireland narrowly escaped a rehearing in a case that “could have resulted in chaos and a privacy disaster”. A three-judge panel had ruled that a US Government warrant could not be used to force Microsoft to hand over emails stored in Ireland and the Department of Justice was trying to have this decision reversed, but failed. Earlier in July 2016, Microsoft got a ruling against such access to customer data stored overseas.
However, this ruling does not seem to stand very strong. Google in June encountered a judge which says the Microsoft decision does not matter and ordered them to hand over data stored outside of the United States. As Techdirt describes it:
In essence, Google is being ordered to act as a government agent to secure all requested data wherever it happens to reside.
On August 10, a California federal judge said he would probably overrule Google’s objection about data stored overseas being outside the jurisdiction of the US Stored Communications Act. This would enable the US Department of Justice to obtain Google email account information.
On Monday, August 14, things got worse. Two US judges ruled in separate cases claiming extra-territorial jurisdiction over data stored by US companies in other countries. In one case, the judge noted the earlier Microsoft Ireland case was highly controversial and he agreed with the dissenting judges in that case. The judge in the other case went even further and opined that the Second Circuit court made a mistake in its Microsoft Ireland decision.
A final word on this will have to come from the United States Supreme Court, with an important potential swing vote the recent appointee by President Trump, Neil Gorsuch. The US Department of Justice already filed a petition for the court to consider the Microsoft Ireland ruling.
It is hard to predict what direction the Supreme Court will go but even if they uphold the decision made in the case of Microsoft Ireland by prohibiting the US government from demanding data stored overseas from US companies, there still is no long term certainty. President Trump has made it clear he wants no limit to his power and international agreements don’t mean much to him.
For companies betting on Privacy Shield, using services from US companies directly or through an intermediary storing it in Europe, all this is very bad news. If they face regulatory requirements to keep data private and in Europe, their data storage solution will likely no longer be compliant when the Supreme Court rules against Microsoft Ireland. And if not–the Trump administration seems determined to extend the reach of their department of justice and other government agencies.
Tobias Hagemann is an iOS app developer and designer. He is also a co-founder and CEO of Skymatic, where he focuses on creating software like Cryptomator. Hagemann will be delivering a lightening talk at the upcoming Nextcloud conference where he will talk about how to store sensitive files in your Nextcloud by using Cryptomator’s client-side encryption.
We talked to Hagemann to learn more about his talk.
Why do you think encryption is important?
Encryption is important as it protects your data and communication from unauthorized access by illegitimate parties. It is used to secure corporate secrets, guard against identity theft, or just to protect your privacy. If encrypted data falls into the hands of someone illegitimate, this person will not be able to read it. Not using encryption would be comparable to not locking your house – with the difference that the house can be entered from all over the world.
Is there any built-in encryption in Nextcloud? If not, what solutions are out there?
Nextcloud offers server-side encryption, see this for reference. However, there is no built-in solution for client-side encryption in Nextcloud. Cryptomator might be a strong contender for becoming just that as it’s easy-to-use, multi-platform, and open-source. Client-side encryption solves privacy issues by giving you full control of your data so that you don’t have to trust the server or its administrators.
What will be the highlight of your talk? Who should attend it?
You’ll learn how you can store sensitive files in your Nextcloud by using Cryptomator’s client-side encryption. You will get a brief overview of Cryptomator’s security architecture. We will go into more detail in the workshop afterwards.
Anyone from being curious on how to store sensitive files in the cloud to being enthusiastic about privacy is welcome to attend the talk. If you have deeper knowledge of Nextcloud’s storage feature, especially of its web browser integration, you’re more than welcome to join us for the workshop.
What exactly is Cryptomator?
Cryptomator is a client-side cloud storage encryption software by the German startup Skymatic. The software automatically encrypts files on your device before they are uploaded to a cloud storage. As Cryptomator is open-source, it solves the issue of trust that many institutions used to have when considering the use of cloud storage solutions. For the combination of transparency and usability, Cryptomator was awarded the CeBIT Innovation Award for Usable Security and Privacy in 2016. The software is available for all major operating systems (Windows, macOS, Linux) and on mobile devices (iOS, Android).
More info is available on cryptomator.org
You will also be conducting a workshop, can you tell us more about the workshop?
The workshop’s focus is on Nextcloud’s storage feature. We will explore Cryptomator’s encryption scheme and security architecture in full detail. We will cover common cloud storage scenarios and how Cryptomator handles them including its limitations.
Goal of this workshop is to draft an architecture or concept on how Cryptomator could be integrated into Nextcloud in order to achieve client-side encryption in a web browser.
Joas Schilling is a Software Engineer who has been involved in open source for over a decade. He is a a core member of the phpBB developer team and has been working on ownCloud code since late 2013. He graduated from the University of Stuttgart and developed the Notifications and Activities technology in Nextcloud. Schilling will be delivering a talk at the upcoming Nextcloud Conference in Berlin.
Who should be attending your session and why?
Server app developers and client developers, so they can see what we can do to make Nextcloud more integrated into people’s work flows.
When you talk about notifications in Nextcloud, what are we actually talking about? Aren’t notifications client dependent? I mean the app can have its own notifications mechanism vs desktop client and web interface? Can you please elaborate?
We have an API which provides notifications for various things (all provided by the various apps):
All these should come to the attention of the users sooner rather than later. For this we implemented the notifications in the desktop client a while ago. With the next releases of the mobile clients they will follow (including push notifications), bringing yet more power to notifications.
Notifications are extremely important yet often overlooked features, how important are notifications for NC?
See above, we are strengthening the notifications system more with the mobile clients. When they finally reach the users through all channels, they can be used even more.
How mature are notifications in NC?
Notifications are quite well implemented on the server side. Clients are currently not done. They need a bit more work, but that is already in the pipeline.
Is the notifications work fully in-house or you take contributions also?
As you can see on the examples above, each Nextcloud app can create notifications. We just built the eco-system, now it needs to grow to it’s potential
Klaus Herberth is a Ph.D. student at the Distributed Systems Laboratory at the University of Konstanz, Germany and he started chat application project as part of his Bachelor thesis. His research is about secure communication in dynamic groups with the goal to create a solution with high usability. Herberth will be delivering a talk at the upcoming Nextcloud Conference and we talked to him to learn more about his work.
What’s the topic of your talk and what’s the major highlight?
It’s about the chat app in general and how Nextcloud can be used as authentication backend for XMPP servers and saslauthd capable services (e.g. Cyrus).
Who should attend your talk?
Everyone who is interested in privacy aware communication. Every Nextcloud administrator who is interested in privacy aware communication and how this can be integrated in an existing infrastructure.
When you talk about chat capabilities in Nextcloud, what kind of users or customers are you looking it?
We offer services for small installations (internal XMPP server written in PHP), but also for huge installations with their own XMPP server.
The JSXC community tried to create the easiest to use chat app available on the market, so every user would have the ability to use our app without training. We also kept in mind the different types of Nextcloud instances, from small webspace installations to large cloud structures and serve for every purpose the appropriate solution. For example administrators who are not able to install an XMPP server can use our internal XMPP backend. It comes with limited functionality, but it’s super easy to setup and provides all the necessary functions to have a great chat experience.
Is the NC chat app a third party app or part of the core?
It’s a third party app. The app and the corresponding client library, which can be integrate into every web application, is maintained by the JSXC core team and a growing community. The core team consists currently of Marcel, Daniel and me from the University of Konstanz and Tobia from Belgium.
How secure is the chat communication? How do you ensure privacy? Will you be talking about these topics too?
Sure. Security and privacy are important topics for JSXC and probably the main reason why this project was founded. All communication is handled on the Nextcloud server or your own XMPP server. If you talk to untrusted XMPP servers (which is possible, because XMPP is federated) you can use OTR (end-to-end encryption) to protect your messages and we are currently working on supporting OMEMO as well.
Is this your first NC conference? What kind of engagement are you expecting at the conference?
It’s my first Nextcloud conference, but two years ago I was at the Owncloud conference where I met Tobia who also developed a separate chat application. In those days we decided two merge our apps and create one awesome chat for the hole Owncloud family. I am really looking forward to the conference, because last time it was a great week with a lot of interesting and helpful discussions. It’s a great experience to meet the people behind a faceless nickname. You get another contact to the people and this also influences your communication if you are back home.
The Windows App for Nextcloud is available since November last year. Since then, we got a lot of feedback from the users and some contributors were involved in developing the next version. So today we are proud to announce version 1.1.0 of the Nextcloud App for Windows Mobile! You can find it in the Microsoft Store.
Good news: The app is now also available as free trial version. This version is fully functional without limitations. But if you want to support further development, you can also choose the full version for $0.99.
There are a lot of new features in the new version. We focused on features which were missing in the first release of the app, security and stability.
For the next version, we’re planning full Windows Universal Platform (UWP) support. This means the app will run on all your devices and adapt to the available screen size responsively. It will even run on the upcoming Windows 10 S.
Besides manual synchronization of folders, the next version will also include an automatic synchronization feature so that new files (e.g. pictures taken) will be automatically uploaded to your Nextcloud. The next app will also get a renewed design that looks much more like Nextcloud.
You can see a list of all the contributors on Github.
Special thanks go to:
If you want to contribute to this project, feel free to take a look at the GitHub repository and start coding – it’s all open source.
You’re also welcome to report any bugs or feature requests on the GitHub issue page of this project.