Nextcloud AMA!!


  • Vendor

    Hi all!

    Today we kick off the AMA and it'd be cool to give you a chance to start asking questions already... ;-)

    So, I thought I'd give you a few interesting tidbits of history & who we are to read through ;-) and then - ask below. We (Frank, Lukas and myself) will introduce ourselves at T=0 and I'll make sure we cover those questions during the AMA.

    Now, HISTORY.

    before the world was born

    kidding, of course. So in 2010, Frank announced ownCloud: a project to built an alternative for Dropbox, Google Drive and similar. A bunch of folks joined, it was fun and some releases were made (ownCloud 1.0, 1.1, 2.0). Frank the met 2 guys, former SUSE exec's, who brought in investors and the three started a company. Many of the community members were hired and for about 5 years, lots of open source software was written.

    Also some closed source, as ownCloud followed an Open Core model: you had to sign your copyright away to be able to contribute. Only customers got access to a subset of features.

    Nothing horribly wrong in principle, but a model that is hard to keep in balance. And May 2016 Frank left because that balance wasn't going in the right direction. With him almost all engineers left and started a new company, with the founder of Red Hat Germany as co-founder and investor. This time no open core, but fully open source.

    Today, Nextcloud is the biggest, most active open source file sync and share project and the business is profitable and growing fast.

    Boxes & stuff

    So we've been doing a bunch of cool things. Yes, that includes Nextcloud 9, 10 and 11. Also very exciting is our collaboration with Canonical and Western Digital, resulting in the Nextcloud Box, a Raspberry Pi based private cloud server.

    And what else?

    We're building Spreed, audio/video chat integrated in Nextcloud. We worked with Collabora to create a docker image so now all Nextcloud users (as well as users of Kolab, Seafile and even ownCloud) have access to a private online office. There are other, interesting apps in development like Passman, a password manager (with KeePass import), Nextant, a full text search tool (we hired its author earlier this month - if you built such a cool app, WE WANT YOU!), and there's Mail, Calendar, News, Contacts and two-factor authentication and more, all developed by contributors from our community, or employees, or both together.

    Oh and I should mention...

    • We organize the Nextcloud Conference, August 22-29 in Berlin
    • We are present at loads of conferences like SCALE, MWC and more and organize our own meetups, see our events page
    • If you read through all these boring details you deserve something. So, ask a question during the AMA involving bananas tomorrow and you have a chance to earn a Nextcloud Box.


  • Are there going to be any more cloud storage Integrations such as one drive or box?



  • Are we going to see any major changes in next cloud in the upcoming versions (core functionality not apps).



  • Are nextcloud downloads exceeding owncloud downloads yet?



  • Is there any possibility for a SharePoint like plug-in for MS Office?



  • Any plans to make a version for windows server?



  • Hi everyone. I'm Frank. I originally founded ownCloud and now Nextcloud. The motivation is and was to build a self hosted and fully open source solution so that people can control their data and communication. After living in Boston, USA I now moved back to Stuttgart, Germany. Looking forward to a great discussion here.


  • Vendor

    Hi all!!!

    I'm Jos Poortvliet, I hang quite a bit on these forums so you might have seen me around. I'm a technology fan but actually studied psychology and worked as 'business consultant' ("shuffling paperwork and making Excel sheets for management") for banks and telecom companies for a while. I've been doing volunteer work in open source since early 2000's and then got employed at SUSE to do a bit more of it ;-)

    Been handling community and communication at openSUSE, then ownCloud-now-Nextcloud where I more formally do mostly marketing. Well, head of marketing, even, that is, I am allowed to tell myself what to do next :P

    I live in berlin, love cooking but my wife and dog would say I work too much. Probably because so many people and companies and governments (!) still put their data at some random company and that scares me. I think we should control our data and I want to help citizens & organizations get there ;-)


  • Vendor

    Hey there!

    My name is Lukas, I have been contributing to the ownCloud/Nextcloud code since 2012. Which in conclusion means that I am responsible for many of the security hardenings and features in the code. So if you ever saw an annoying security warning such as the "Trusted Domain Warning", then you can probably blame me for this ;-)

    Before I worked as security assessment and forensic investigator. Which means reviewing security, giving trainings and dealing with breaches at Fortune 500 companies. Personally, I do however believe that I have a way bigger impact by helping securing one of the most fascinating open-source projects out there.

    I happen to live in Switzerland, which probably shows you how distributed the Nextcloud team actually is :-) And because Jos just asked for it a few minutes ago: My favourite color is certainly "pink", my first pet was named "Dieter" and my mothers maiden name is "Müller". Figure if that helps you answering the password reset questions ;-)

    Cheers
    Lukas



  • Have you heard of SQRL authentication and have you investigated including it?



  • @IRJ Yes. There is the External Storage app that can do that. So far there is no connector for Box or onedrive. But this should be relatively easy to do. Maybe someone in the community is interested in doing this as a first contribution? :-)



  • @jospoortvliet said in Nextcloud AMA!!:

    Probably because so many people and companies and governments (!) still put their data at some random company and that scares me. I think we should control our data and I want to help citizens & organizations get there ;-)

    Can you expand upon what you mean by this?



  • @IRJ Yes. There are always big and cool new features coming. :-) Actually the Nextcloud community is more active then ever. But it's not clear yet which features make it into the next major version. So we have to wait until the first beta is done. :-)



  • Are there any considerations for 2FA?


  • Vendor

    Have you heard of SQRL authentication and have you investigated including it?

    I happen to have heard about it but we didn't look into that. In terms of authentication, at the moment we're working on actively improving our SSO plugin which now also supports Kerberos for example.

    As Nextcloud is quite modular adding another authentication module via API should be quite easy. If you're interested in adding support SQRL authentication and have some PHP knowledge, I'd recommend to join us on help.nextcloud.com in the developers forum or on IRC #nextcloud-dev in Freenode.



  • @Dashrender Not sure what you mean? A way to safe into Nextcloud directly from the Office Safe Dialog? This is of course possible. Just safe in a specific folder that is then synced to the server with the Desktop Client. Is this what you mean? :-)


  • Vendor

    @IRJ said in Nextcloud AMA!!:

    Are nextcloud downloads exceeding owncloud downloads yet?

    we actually don't have solid numbers. Part of that is due to packages already in a few distributions, part because we don't track that stuff too closely... That was similar at ownCloud so it is very hard to compare, even if I had recent numbers.

    What I can see is that the numbers we DO have grow nicely, with January being almost 10% more than December last year... But it fluctuates quite a bit.



  • @RojoLoco As a server OS? We tried to do this in the past but PHP on Windows is just not very good. So the recommended way is to run a Linux VM on the Windows Server. This works fine. :-)


  • Vendor

    Are there any considerations for 2FA?

    @dafyre We've already added support for 2FA support in our latest major release. We officially support hardware two-factor auth using U2F and TOTP. See https://apps.nextcloud.com/?order_by=name&ordering=asc&is_featured=true.



  • @Frank-Karlitschek said in Nextcloud AMA!!:

    @RojoLoco As a server OS? We tried to do this in the past but PHP on Windows is just not very good. So the recommended way is to run a Linux VM on the Windows Server. This works fine. :-)

    Paying for a Windows license defeats the purpose of Open Source anyway :)

    Not to mention that windows servers eat resources.



  • There does not seem like an easy way for a Windows user to setup & use Nextcloud.
    Can you comment on this?



  • @Frank-Karlitschek said in Nextcloud AMA!!:

    @Dashrender Not sure what you mean? A way to safe into Nextcloud directly from the Office Safe Dialog? This is of course possible. Just safe in a specific folder that is then synced to the server with the Desktop Client. Is this what you mean? :-)

    While what you explained is possible, that sync client puts all the files at risk of a cryptoware attack.

    What I am specifically looking for/asking about is an API that plugs-in to MS Office to save directly to the server without the sync client, like MS Office has for Sharepoint. Access through an API like this significantly reduces the ability of cryptoware to affect the files through this avenue.


  • Service Provider

    With almost all software I am a heavy propoent of the repo based model because it drastically simplifies things for the administration side of the house.

    I know I can log into every single system and yum update or apt-get update and be done.

    I can also be very confident that it will always just work.

    With NextCloud, you have decided against doing a repository based model and have an auto updater.

    Why is this being done this way? What possibly administration benefit do I gain from it?



  • @FATeknollogee On Nextcloud.com you can download fully configured VMs. Should be easy to run. :-)



  • @LukasReschke said in Nextcloud AMA!!:

    Have you heard of SQRL authentication and have you investigated including it?

    I happen to have heard about it but we didn't look into that. In terms of authentication, at the moment we're working on actively improving our SSO plugin which now also supports Kerberos for example.

    As Nextcloud is quite modular adding another authentication module via API should be quite easy. If you're interested in adding support SQRL authentication and have some PHP knowledge, I'd recommend to join us on help.nextcloud.com in the developers forum or on IRC #nextcloud-dev in Freenode.

    I'm not a coder at all, so I would be of little to no help here ;)

    The principals behind SQRL pretty much get us away from usernames and passwords on websites, and also mostly gets rid of the reasons for 2FA (though there is still an argument for 2FA)



  • This post is deleted!


  • @Dashrender Another way of doing this is to use WebDAV as a mount and directly safe there.



  • @Frank-Karlitschek said in Nextcloud AMA!!:

    @RojoLoco As a server OS? We tried to do this in the past but PHP on Windows is just not very good. So the recommended way is to run a Linux VM on the Windows Server. This works fine. :-)

    And no licensing issues.


  • Vendor

    @Dashrender said in Nextcloud AMA!!:

    Can you expand upon what you mean by this?

    Sure. You might remember the epic 'dick pics' episode from John Oliver & Edward Snowden: https://www.youtube.com/watch?v=XEVlyP4_11M

    This was quite awesome but at the same time - there really is an issue here. And most people have no idea. A lot of people clearly are storing their data at Google, Dropbox etcetera. Now that would be fine as long as that is data that can't be abused but that is often not the case. The terms of service of these companies doesn't protect you or your data and they are massive targets for hackers. Yes, they have good security people but nothing is ever perfectly secure and it is sooooo attractive to hack them...

    And businesses are not too different - lots of them, even schools and universities and hospitals, store data on public clouds or at providers outside their country. And that can be abused in a whole bunch of ways, from government spying to corporate espionage to extortion of companies and individuals.

    THAT scares me. Just look at the DNC scandal influencing politics in the USA. If you put your data at a public cloud, you're painting a massive target on it. If you have your own IT team taking care of it, as political organization, you can (emphasis on CAN, of course) do a much better job keeping it safe. And that can steer elections, politics, economics, everything.

    That was the main motivation for Frank, back in the day, to announce a project to solve this and we at Nextcloud share this goal.



  • @FATeknollogee said in Nextcloud AMA!!:

    There does not seem like an easy way for a Windows user to setup & use Nextcloud.
    Can you comment on this?

    Sure there is, the Western Digital appliance. :)


Log in to reply
 

Looks like your connection to MangoLassi was lost, please wait while we try to reconnect.