FreshRSS

πŸ”’
❌ About FreshRSS
There are new available articles, click to refresh the page.
Yesterday β€” December 9th 2019Releases

Nextcloud will rock FOSDEM for another year! Are you ready?

Awesome news!

Like past years, in February 2020 we will be present at Fosdem and again we will host a booth, along with our friends from DAVDroid and ONLYOFFICE this time! Even our friends from Bareos and Rocket.chat might join, seems fun 😃
People from our team will be there and we hope to have a large presence of our community too!

Come and find us at our booth, ask what’s awesome about nextcloud and what’s coming next! Collect some Nextcloud or “who owns your data” stickers, cool swag and find out more about our future events, latest news and open source friends!

Event: FOSDEM

Location: ULB Solbosch Campus in Brussels, Belgium

Dates: February 1-2

Find more information about the event here.

Help us at the booth!

The previous years we had teams of over a dozen enthusiastic volunteers to present our project to the thousands of visitors and this year, we hope to have an even bigger and cooler presence. We’re always very happy to have a large team of volunteers there, which allows us to be literally everywhere at the event! Would you like to help us? Find out more here.

Booth location & talks

Usually stands are located in three buildings on the campus: the upper and lower corridors of the K building, the lower floor of H and the corridors of AW. The list of stands with their location will be available on the FOSDEM website. We will update you with the exact location once we know it 😉 and we will list here all the talks from our community as soon as we’ll know more about those!

If you’ll present a talk related to Nextcloud, shoot us an email to events@nextcloud.com with the details (title, short description) and we’ll add it to this post 🙂

Happy FOSDEM everyone!

Before yesterdayReleases

Nextcloud 3.9.2 for Android is out! Plus tips about markdown preview and calendar integration

Android client 3.9.2

Starting from today Android client 3.9.2 is available in the app store! Yesterday we released the 3.9.1 version of our Android app, a minor release bringing small fixes, lots of improvements in translations and other refinements.

Note that we released 3.9.2 today as a result of a bug that caused a login loop in cases when app protection was enabled. The bug is now fixed! If you haven’t enabled automatic updates in your mobile, please update your app to 3.9.2.

Improved image viewer

On certain devices, the app crashed when you opened a png image and then clicked on it to replace the transparent background with the chessboard-style pattern. The issue is now fixed by using png instead of a vector drawable for bitmap without causing the app to crash.

 

Get the app

Note: This release will be available on Fdroid after up to 24 hours.



Nextcloud 3.9.2 for Android



Nextcloud 3.9.2 for Android

Nextcloud 3.9.0 for Android

In case you missed it, we released Android client 3.9.0 with some awesome new features last month. Read about the remote wipe integration, new media player and many more!

Tips: did you see these?

Make your life easier with some Nextcloud Android app features you might haven’t noticed yet.

Markdown preview with syntax highlighting

Markdown preview with syntax highlighting
Markdown files are an easy way of taking meeting notes with your colleagues, writing down some quick ideas or thoughts, drafting a new proposal during a team call etc. After structuring the text with basic formatting in a human readable way you usually have to get back to it, maybe on the go, or you share it with other people who access from their mobile phones.

Many syntax highlighting for markdown preview, in read mode only are now supported in your Nextcloud app for Android. Markdown files are human readable and well structured even when you access them on the go!

DAVx⁵ integration

DAVx⁵ has released its 2.6 version which is compatible with Android 10 and Nextcloud Login flow is implemented. You can even setup DAVx⁵ from your Nextcloud app with 2FA. Note that this is supported by Nextcloud Android app 3.9.0 or newer.

Check the video here for a step by step demonstration.

More

Of course many fixes, refinements and features are being made regularly and older versions of Nextcloud are not supported. The Android app warns you of the risks of running an outdated version. Nextcloud 12 is the oldest release that will work with this version of our app. We strongly recommend private users to upgrade their Nextcloud servers.

As companies sometimes have to use older versions, Nextcloud offers long term support. Contact our sales team for more information on this.

Feedback

We appreciate your feedback! If you’d like to share your comments with us, continue the discussion in our forums. What’s the best thing about the Android app so far?

Thank you community!

A big thanks goes to all the awesome members of our community that regularly help us make Nextcloud better, by translating or reporting and fixing issues!

Would you like to contribute to our Android app too? Check out all you need to know here.

Enterprise File Sync & Share – what it is and what to look for

An Enterprise File Sync and Share (EFSS) is a piece of software that gives users access to documents, photos and videos on any of their devices. It also allows them to easily share these documents with others. In this blog we highlight some typical features of EFSS and what to look for in a solution.

According to TechTarget, the most common reason for deploying an EFSS is to prevent users from using consumer-based file sharing apps to store, access and manage corporate data outside the IT departments’ control and visibility.

Key features

EFSS applications generally offer the following abilities:

  • Sync files from corporate storage to user desktops and mobile devices so users can work wherever they are
  • Let users share links to files and folders within and outside the organization to simplify collaboration
  • Integrate in existing user management and enterprise applications so IT can manage access and permissions to data
  • Protect data with anti-virus, encryption and Data Loss Prevention and provide auditing and reporting on activity around files

Most EFSS solutions are cloud based. There are some hybrid or on-premises alternatives.

What it looks like

file view
A typical EFSS web interface showing files and a sidebar with sharing options for the selected file
sidebar with talk
More advanced solutions allow real-time document editing and communication in one interface
access on any device
These features are all available on mobile so team members can work wherever they want

Differentiators

What differentiates EFSS solutions? The most important factors enterprises look for are these:

  • Ease of use.
    A simple, familiar interface is key for fast adoption. While, for example, some more complex document management solutions, groupware products or workflow tools have some EFSS features, they tend to be too complicated so users keep using Dropbox or Google Drive.
  • Infrastructure integration
    Another key barrier to adoption is integration in existing data silos and user management. While most off-premises solutions integrate with Active Directory, data typically has to be migrated. On-premises solutions can offer access to existing data on Windows Network Drive, Sharepoint or FTP storages, as well as Outlook and other integrations.
  • Integration of collaboration
    The market is quickly moving away from file exchange solutions and towards integrated work flows with video chat, task management and collaborative document editing built in (thus evolving into “content collaboration platforms”). Solutions which are slow to adopt to these trends present a long-term risks for their customers as migrations are costly.

Security

EFSS software is entrusted with highly valued and sensitive data. The loss of company secrets due to theft, the risk of leakage of private customer data or the productivity hit of a ransomware attack is huge and thus EFSS vendors offer a range of cutting-edge security capabilities. Look for these when picking a secure solution:

  • Multiple layers of encryption for in-transit, on-disk and client-side protection
  • Active security measures like advanced two-factor authentication and ransomware protection
  • Technological hardenings like brute force detection and browser-security like CSP and SCC
  • A well-ran security bug bounty program (example) to balance out the value of the data you store
  • Unique features showing a vendor takes security serious, like machine learning based protection or novel file sharing protections

You can compare the most popular cloud-based EFSS, Microsoft OneDrive, with the most popular on-premises solution, Nextcloud.
Compare OneDrive and Nextcloud

Unique sharing security: video verification


Nextcloud features a unique and extremely powerful security feature you can use to give your shares the ultimate protection: video verification.

When you need ultimate protection

Imagine you need to share very sensitive data to somebody. Say it is the result of a medical test, or important financial data. You want to make sure nobody else than the intended recipient can gain access to this data.

You could send a link with the files, protected with a password. Sending the password separately means a third party trying to intercept the communication will have a hard time catching both the link and the password. However, often both still arrive on the same mobile phone. Moreover, it is not that uncommon that more than one person have access to that device: a spouse, or kid, for example.

Video Verification

Video Verification is a very powerful and innovative way to verify the identity of the person you share with before you hand them over the password for the share. Rather than emailing or sending the password over chat, the recipient of the share has to use a video call to request the password from you. This eliminates the risk that a spouse, kid or hacker who has access to their email or mobile device has a chance to see the data.

That call can come in through the mobile apps for Talk, making it easy for the sender to pick up.

How to use it

To enable the additional protection afforded by Video Verification, create a shared link and set a password. Then, when you go to the share menu again, you can enable the ‘Password protect by Talk’ option which enables video verification. Note that this feature requires your server to have Talk installed!

The recipient of the share will have to have a webcam and microphone so the sender can see and hear who is requesting access to the data. There is a great tutorial on Techrepublic about using video verification!


Enable video verification

The link the recipient receives

Starting a call to request the password

The video below shows fully how Video Verification works.

Meet Nextcloud experts at Paris Open Source Summit

Like the past years, this December we will be present at Paris Open Source Summit offering business representatives an opportunity to meet our experts and learn more about Nextcloud.

At this major enterprise open source gathering, our team members will give three talks and we will have a shared booth with our partner Arawa.

Event: Paris Open Source Summit

Dates: December 10 – 11

Location: Paris, France

Venue: LES DOCKS DE PARIS – 50, av. du Président Wilson 93200 La Plaine St-Denis, 100 meters away from the Door of the Chapel, The Docks of Paris are situated on the axis of communication Bets / stage of France.

More practical information here.

Visit our booth

We will be there with both French and English speakers. Come visit our booth (C08) and discuss our roadmap, latest improvements and development! You can come by any time, but if you want to discuss a specific point or want an appointment with us, you may want to send an email to events@nextcloud.com

Talks

Two of our team members will give talks at Paris Open Source Summit. Check the full schedule here.

  • Venez découvrir pourquoi Nextcloud est de plus en plus installé en France

    Olivier Paroz – Tuesday, December 10, 14:35 – 15:00

    Discover why Nextcloud is increasingly installed in France

    The demand for online collaboration and communication tools is growing rapidly. Nextcloud offers a real alternative to the solutions of American giants while remaining 100% Open Source and allowing organizations that use it to keep control over their data. It is for these reasons that Nextcloud is increasingly used in France, whether in Ministries, universities or companies.

    “I will present to you the progress made over the past 12 months, as well as some concrete cases.”

  • Le Spleen du mainteneur: ne négligeons pas la sécurité organisationnelle dans l’open source !

    Nina Cercy – Wednesday, December 11, 14:45 – 15:30

    The Spleen of the maintainer: let’s not neglect organizational security in open source!

    November 26, 2018: the event-stream security team, an npm package, is contacted about an infected package that allows its author to steal Bitcoins. Oh no, there’s no event stream security team. We therefore contact the person responsible for the package directly. Well, it turns out she’s no longer holding the package. Come on, let’s wake up the CISO of the compan… Neither? Are we turning against the company that audited such a widely distributed package? Audiwhat? There was no illegitimate elevation of privileges. No spoofing. No vulnerability in the Github code, neither on the app side nor on the npm side itself. Just a smart attacker who asked to maintain an npm package and quietly injected his malicious code once the official maintainer. In open source, the trust chain is essential to ensure development security, and organizational security is sometimes overlooked: let’s look at the good practices to be put in place.

  • Open source et RGPD : quel partage de responsabilités ?

    Nina Cercy – Wednesday, December 11, 16:00 – 16:30

    Open source and RGPD: which division of responsibilities?

    While the case of SaaS vendors has been quite well defined, the regulation around the responsibilities of open source vendors towards the RGPD remains unclear: who is responsible in case of a security breach? What is the status of the publisher? What about support ? A brief overview of the thousand complex situations that can arise when developing in open source.

RSS-Bridge 2019-12-01

General changes

  • Bridge contexts with same parameter names but different number of arguments no longer result in a "mixed content parameters" error (#1211)
  • The composer file now contains all necessary details about the project (c334df9)
  • Many more bridges now use secure HTTPS (#1337)
  • Added an option to change how RSS-Bridge reports errors (#1071)
  • Added an option to suppress error reporting (#1179, #1359)
  • Added visual indicator for fields with additional information (#1173)
  • Added an action to check bridge connectivity in debug mode (#1147)
  • Added syndication links to the HTML format (#1348)
  • Dropped the minimum security level for the Docker image back to TLS 1.0 (1df3598)

New bridges

Modified bridges

  • Bandcamp
    • Added band and album feeds (#1317)
  • Basta
    • Fixed a PHP 7.4 crash (#1323)
  • Desoutter
  • Extreme Download
    • Updated website URL (#1303)
  • Facebook
    • Clarified Facebook bridges (#1221)
    • Updated Facebook URL detection (#1334)
    • Fixed permalink issue (#1358)
  • FB2
    • Clarified Facebook bridges (#1221)
  • Google Search
    • Fixed no results (#1329)
  • GQMagazine
    • Fixed by following website changes (#1281)
  • Instagram
    • Added an option to get direct links (a2e47a8)
    • Fixed GraphSidecar output and embedded videos (#1361)
  • Kununu
  • Mediapart
    • Fixed article parsing (#1293)
  • N26
    • Updated to reflect changes on N26 blog (#1295)
  • NineGag
    • Added filter option for animated content (#1374)
  • Pikabu
  • Soundcloud
    • Automatically acquire client_id (#1375)
  • StoriesIG
    • Added timestamp for each feed item (#1331)
    • Added custom feed titles (#1332)
  • Vk
    • Fixed photos and timestamps (#1287)
    • Changed the access token (#1357)
    • Added internal links in posts (#1363)
  • Zone Telechargement
    • Annuaire Telechargement has changed name again to go back to Zone Telechargement. (#1302)

Removed bridges

Time for the next contributor week in Berlin!

The first week of November, we concluded another successful hackweek! We’ve worked on improvements for Nextcloud 17, we focused on Nextcloud 18 and of course spent time together.

Time for the next contributor week!

Now is the time to set a date and work all together again! All Nextcloud contributors are invited to join us on January 13-18, 2020 in Berlin. We will still be hacking on Saturday, January 18, so if you can’t join us during the week days join us on Saturday!

Practical information

Location: Nextcloud GmbH office in Berlin, Germany

Address: Tempelhofer Ufer 23-24, Berlin.

Bring: Your laptop and enthusiasm 😀

How to get in: Once you’re there, ring the bell and find us on the fourth floor

Focus

As usual, there are topics we want to focus on during this week. Nextcloud 18 is on its way, we’ll also plan and work on Nextcloud 19. We hope to help people get involved and look at the state of our apps, preparing for the upcoming release.

What is this Contributor Week you speak of?

If you have known Nextcloud for a while, you may have heard about these focused work weeks when we used to call them “Hackweek”. Contributor weeks or hackweeks are weeks we decide to get together to discuss and work to move Nextcloud forward.

We focus on getting work done and being productive: going through issues, discussing and fixing them, working on our code and so on. Just more together, rather than remote as we typically do! It’s a nextclouders gathering with lots of working and fun!

Travel support

On October 30th, 2018, we released our own program to support diversity in Open Source: Nextcloud Include. With this program, we provide mentoring and internships to people from underrepresented groups in the tech community, and – even more relevant to the topic of this post – we help you to join us at events like our yearly Conference or our Contributor Week! Want to join us in Berlin? Check nextcloud.com/include and get in touch with us to request travel support!

Of course, even for those who aren’t part of underrepresented groups: As usual, all Nextcloud contributors are warmly welcomed to join us! For those among you where financial issues limit travel possibilities, you can email us here, sending some links to your contributions.

In any case, don’t forget to bring your laptop and help us get some work done!

We look forward to seeing ya’ll in Berlin!

Nextcloud supports open letter to improve e-evidence

During this week, the LIBE committee of the European Commission will read a draft report on e-evidence. This report includes a proposal for cross-border access to data for law enforcement which would allow foreign law enforcement agencies from across the EU to force companies to hand over customer data without a check by local authorities.

A big problem for local EU IT businesses

While further and deeper integration of EU law enforcement is not a bad thing, this proposal puts the onus on verifying the legality of this request on the recipient. While large companies like Google certainly have no problem with this, a small local hosting provider which manages Nextcloud for its customers would not be able to even properly authenticate the foreign authorities, let alone object to illegitimate orders!

This would obviously be bad for the many thousands of independent hosting providers in Europe as well as the privacy and security of their customers, providing a huge benefit to the established internet molochs Google, Amazon, Microsoft and others.

Together with Mailfence, Tutanota, ProtonMail and Matomo, Nextcloud has signed a public letter to the LIBE committee. We’d like to not only thank our co-signatories, but also do a call-out to privacy-tech.eu and its tireless champion, Jan Weisensee, who brought this issue to the forefront.

You can download the public letter here.

Our recommendations

A few recommendations are made in our letter. First, we’d like to see a number of improvements which were already in the draft to be picked up:

  • Involve national judicial authorities whenever foreign data requests come in
  • Define workable data categories
  • Enable online service providers to inform their customers about foreign data requests having taken place as long as that does not obstruct an ongoing investigation

We ask for a few further improvements:

  • The reimbursement of costs incurred from data access requests by the issuing authority should be mandatory (as proposed by MEP Sippel’s amendment 168) but the reimbursed amount should also be proportionate to the amount of data requested. This would help preventing fishing campaigns without suspicion where a law enforcement agency demands large amounts of data in the hope of finding unrelated evidence.
  • The draft report should mandate a secure way of authentication and of exchanging information between companies and law enforcement agencies. Currently, too often tech companies receive requests for data via fax machine or unsecured emails, putting the data that is transmitted in both directions at risk. It is particularly crucial for companies to be able to authenticate with absolute certainty the foreign authority they are communicating with in order to avoid the leakage of customer data to malicious actors.

We hope the EU commission will take our feedback serious and we urge everyone to spread this message and voice support for the EU privacy tech business!

FreshRSS 1.15.3

By: Alkarex

Changelog:

  • Bug fixing (regressions from 1.15.x)
    • Fix adding categories in MySQL 5.5 #2670
    • Fix saving sharing integrations #2669
  • Compatibility
    • Add fallback for systems with old ICU < 4.6 (International Components for Unicode) #2680
  • API
    • Do not obey rel=self feed redirections when WebSub is disabled #2659
  • UI
    • Start adding support for RTL (right-to-left) languages #2656
  • Deployment
    • Docker: Ubuntu image updated to PHP 7.3.11
  • Misc.
    • Add more log when errors occur when saving a profile #2663
    • Improve Makefile with port override #2660
    • Update a few external links to HTTPS #2662

Nextcry or how a hacker tried to exploit a NGINX issue with 2 Nextcloud servers out of 300.000 hit and no payout

As you might have read in various news outlets, an attacker has been trying to use a known and reported NGINX/PHP-FPM bug (CVE-2019-11043) to break into servers. After breaking into the server and gaining control, the attacker used a compiled python script that encrypts data in the Nextcloud data folder and unsuccessfully tried to get ransom paid for decrypting it. The servers that were broken in were two private servers. As most Nextcloud users don’t use NGINX and those who did have largely updated following our warnings 3 weeks ago, only these 2 servers out of 300.000 are known to be compromised and no ransom payments to the bitcoin address have been made.

As the attacker gained full control over the server through a bug outside the control of Nextcloud, we could not do anything other than warn our users to update and secure their servers. For this we reached out through social media, mailing lists and our blog and also used our administrator notification feature to reach out to all server administrators (who did not disable this feature).

We repeat our official statement to the press below.

We are confident that the attack vector was the nginx+php-fpm security issue that hit the web some time ago.

While it was not an issue in Nextcloud itself, we informed our users through all channels we had available, including a direct notification to all administrators of Nextcloud servers. This likely explains why so few servers were impacted out of the hundreds of thousands of Nextcloud servers on the web.

We consider it a lesson that shows the value of taking security serious. We urge other PHP based projects to also issue warnings to their users about this issue, as this vulnerability persists for some.

Some background on the issue:

PHP bug report: https://bugs.php.net/bug.php?id=78599

Our blog: https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/

CVE: nvd.nist.gov/vuln/detail/CVE-2019-11043

So the “task” of the hacker was:

  1. read our blog
  2. find Nextcloud servers
  3. Try to execute the exploit of php_fpm+nginx

The attacker bothered to write a python script to explicitly target Nextcloud servers. We hope the lack of results will help act as a deterrence from doing this in the future.

Given we have a USD 10K security bug bounty program, we’d expect most hackers that find an issue in Nextcloud serious enough to do this to report it to us.

Until now, nobody has found such a serious vulnerability, but if you think you know one, please report it and collect your bounty! We are the only on-premises file sync and collaboration solution with such a big bounty, showing how serious we take security.

Bleepingcomputer which first reported this issue noted about the bitcoin wallet the attacker used:

no transactions have been recorded until now

While we are of course sorry for the two users who’s servers were hit, we are also glad that this incident shows that our prompt and (by some called over-the-top) response to the security issue in NGINX and PHP-FPM was effective in helping protect our users from the risk.

Nextcloud at Storage-Forum in Leipzig

In a few weeks, Nextcloud CEO Frank will give the opening talk on the second day of the Storage-Forum, an event where professionals in the IT storage space meet with suppliers of enterprise storage solutions.

The event takes place on the 28th and 29th of November in Leipzig. Find more information on the website.

The event is in German, so we’ll share the German description of Frank’s talk here.


Nextcloud als On-Premises Lösung für hochsicheren Datenaustausch

Freitag 09:15 Uhr

Dieser Vortrag ist ein Praxisbericht wie Nextcloud im öffentlichen Sektor als sicherere und DSGVO-konforme Datenaustauschplatform eingesetzt wird. Mittlerweile setzt die deutsche Bundesregierung sowie weitere europäische und aussereuropäische Regierungen auf Nextcloud. Auch deutsche Landesverwaltungen, sowie Schul- und Forschungeinrichtungen betreiben inzwischen eigene Nextcloud-Instanzen. Dieser Vortrag gibt einen Überblick aus der Praxis, warum on-premises Cloud File Sync und Share immer wichtiger wird, und was die Erfolgsfaktoren sind.

Auch die eingesetzten unterschiedlichen Architekturen mit den entsprechenden Vor- und Nachteilen werden beleuchtet.

Zusätzlich stellt der Vortrag bestehende und zukünftige Funktionalitäten vor die für den sicheren und skalierbaren Betrieb von on-premises Cloud Services wichtig sind.

Nextcloud-ONLYOFFICE webinar this Wednesday!

Many of our users are exploring integrated, collaborative document editing options. With our ONLYOFFICE partners we are organizing a webinar in which participants can learn about ONLYOFFICE, how to share, edit and collaborate on documents and how to configure the server. There will also be a special offer for all webinar participants!

ONLYOFFICE integration in Nextcloud empowers your users to collaborate on office documents with team members in real time. Compatibility with Microsoft Office formats means perfect documents, every time!

Instead of handing over data to a third party, ONLYOFFICE runs in your own data center, guaranteeing 100% confidentiality of the documents. Integration in Nextcloud makes it easy to work on documents alone, with other Nextcloud users or with others whom participate through a publicly shared link.

You can learn more on our website or sign up to the webinar now!

Branded Nextcloud clients

In order to provide a seamless enterprise user experience, Nextcloud GmbH offers branded clients to their customers. We are also introducing deployment technologies available for customers today through MSI for desktops and MDM for mobile platforms.

Logo, color and links

Our theming app provides a fast and intuitive way to theme your Nextcloud server. You can conveniently configure logo, colors, name and important urls like the privacy policy and imprint. Out of the box, the Nextcloud mobile apps adapt to the color scheme of the Nextcloud server and also use its configured logo and background in the apps.

Beyond that, Nextcloud offers a client branding service as part of Professional Services to Nextcloud Customers. Branded clients dramatically enhance your user corporate experience. They are pre-configured for the correct server so that the end user does not have to choose a Nextcloud server but can immediately proceed to enter their login credentials. They use the customers’ logo and name in the app drawer instead of the Nextcloud logo and name and more customization can be made: URLs for privacy policy, help page and contact email can also be set individually in the apps.

Last but not least, a custom Push Proxy can be configured. This provides push notification functionality in Nextcloud. Nextcloud GmbH hosts a public proxy server, and data send by the clients is encrypted and doesn’t contain anything that can be traced back to the user. But if customers want to internalize the whole process for IT or compliance reasons, they can optionally run their own push proxy server with our help.

The branding applies to supported app platforms: Android, iOS and desktop Linux, Mac and Windows. The Nextcloud Talk apps have some initial branding support and this can be made available if required.

Deployment and control with MDM and MSI

Many larger organizations have tools to manage their deployments of desktop and mobile apps. For mobile apps, various tools provide so-called Mobile Device Management services. Nextcloud supports this with the Client Branding Plus option. With this also come branded desktop clients as MSI packages for easy roll-out in large organizations.

Here is a complete overview of the Nextcloud branded client options.

Clients

Supported capabilities

Included

Client Branding

Client Branding Plus

Colors for application and fonts

✔*

✔

✔

Logo for login page and header

✔

✔

✔

Custom App icon and name

✔

✔

Custom visual assets

✔

✔

Pre-configured URL of the Nextcloud server

✔

✔

Contact email address

✔

✔

URLs for privacy policy and help page for clients (mobile/desktop)

✔

✔

MDM functionalities

✔

MSI installation package (Windows)

✔

* Mobile only

Web user interface

Supported capabilities

Included

Client Branding

Client Branding Plus

Logo in the header bar, on the login page and the favicon

✔

✔

✔

Color of header bar, checkboxes and folder icons

✔

✔

✔

Name and slogan

✔

✔

✔

Login page background image

✔

✔

✔

Additional compliance links for web UI (Legal notice/Privacy policy link)

✔

✔

✔

If your organization needs branded clients, contact us!

Nextcloud 3.9.0 for Android is here! Markdown preview, remote wipe integration, new media player and more

Today the 3.9.0 version of our Android client has been made available, bringing new functionalities and more than 90 fixes & improvements to the users.

Get the app

Note: This release will be available on Fdroid after up to 24 hours.

If your phone hasn’t updated yet, give this article a read and grab the new version today!

Markdown preview with syntax highlighting

Markdown preview with syntax highlighting
Markdown files are an easy way of taking meeting notes with your colleagues, writing down some quick ideas or thoughts, drafting a new proposal during a team call etc. After structuring the text with basic formatting in a human readable way you usually have to get back to it, maybe on the go, or you share it with other people who access from their mobile phones.

In this release the Android client supports many syntax highlighting for markdown preview, in read mode only. So now, markdown files are human readable and well structured even when you access them on the go!

This wouldn’t have been possible without the help of one of our awesome community members, Andy Scherzinger.

Remote wipe integration

Remote wipe allows users and administrators to forcibly clean files from remote devices, for example in case they are stolen. Now this feature is available on the Nextcloud Android client as well!

While many companies have Mobile Device Management, thanks to built-in support, remote wipe will work on systems not under management of the company. This is useful for home users but also large universities and of course in a scenario where guest accounts were handed to a third party. If you permit downloading of documents by the third party, you can wipe the files from their devices when the the collaboration has ended.

These things usually catch you unprepared, as no one really expect it at any time. Now remote wipe is available on your mobile’s settings, so you don’t need to be in the office to prevent data “disasters”!

New media player service

Some issues had been encountered with the media player for Nextcloud. One of our awesome community members, Chris Narkiewicz, had the idea to solve this solution, but then, instead, decided to entirely rewrite it, turning it into a new architecture that allows us fixing any current and future edge cases easily.

Thank you Chris!

More improvements

Improved DAVx⁵ integration

DAVx⁵ released its 2.6 version, compatible with Android 10 and Nextcloud Login flow is now implemented.

We’re happy to release DAVx⁵ 2.6! The new versions is now Android 10-ready and notifies users if the network is not available. We’ve implemented Nextcloud Login flow so you may now setup DAVx⁵ from the @Nextclouders app even with 2FA – super easy!https://t.co/6yi9mktiTp pic.twitter.com/fxqaaoqYGG

— DAVx⁵ (@davx5app) October 26, 2019

Auto upload

When auto upload is enabled, and new files are created in a subfolder, they get uploaded into the matching folder.

Printing from within Collabora

Now, printing when you open a document with Collabora on your Android client is fixed.

Single Sign On enhancements have been made and of course, many more fixes and refinements. Check the full list here. A big thanks goes to all the awesome members of our community that help us make Nextcloud better!

If you run an outdated, unsupported Nextcloud, the Android app will warn you of the risks. Nextcloud 12 is the oldest release that will work with this version of our app. We strongly recommend private users to upgrade their Nextcloud servers.

As companies sometimes have to use older versions, Nextcloud offers long term support. Contact our sales team for more information on this.

Nextcloud Desktop client 2.6.1 brings remote wipe, dark mode support to Mac OS X and more!

Desktop client 2.6.1

The Nextcloud Desktop client has been updated again with a number of nice improvements. Last week we made minor release 2.6.1 available!

🔒 First release with support for OpenSSL 1.1.1d and TLS 1.3 on all platforms\
🧹 Remote Wipe\
🐞 Lots of bug fixes and minor improvements\
🌃 Mac: Initial Dark Mode support (some known issues)

Check the full changelog.

Remote wipe

Remote wipe allows users and administrators to forcibly clean files from remote devices, for example in case they are stolen. Now this feature is available on the Nextcloud Desktop client as well!

While many companies have Mobile Device Management, thanks to built-in support, remote wipe will work on systems not under management of the company. This is useful for home users but also large universities and of course in a scenario where guest accounts were handed to a third party. If you permit downloading of documents by the third party, you can wipe the documents from their devices when the the collaboration has ended.

Dark mode

Enabling the dark mode while using your devices enhances visual ergonomics and reduces eye strain. It adjusts the screen colors according to current light conditions, providing more comfort at night or in dark environments.

This version of the Desktop client brings initial dark mode support to Mac OS X. Some issues are already known and we will be working on fixing these as well as bring many more cool improvements until the next release!

If you want to help us make Nextcloud better learn how you can get involved!

FreshRSS 1.15.2

By: Alkarex

Changelog:

  • Bug fixing (regressions from 1.15.x)
    • Fix CLI failing due to new test against empty usernames #2644
    • Fix CLI install for SQLite #2648
    • Fix database optimize action for MySQL/MariaDB #2647
  • Bug fixing (misc.)
    • Sanitize Unicode UTF-8 before insertion of entries, especially needed for PostgreSQL #2645
  • Misc.
    • Rename sharing action to avoid erroneous blocking by some ad-blockers #2509

DEGES: handling 22 billion worth of complex infrastructure projects


DEGES is a project management company for complex infrastructure projects, founded by the Federal Government and five German states in 1991. In recent years, more states have joined as stakeholders and customers.

DEGES plans transport routes (road, rail or waterway), coordinates, optimizes and manages the work of all external service providers (planners, architects, land purchasers, construction supervisors, construction companies and other service providers), maintains control over costs, plans and construction, handles invoicing and hands over the finished structure to the public clients according to the highest quality standards, within time and budget.

Today, 350 DEGES employees in Berlin headquarters, Bremen, Hamburg, Düsseldorf and Frankfurt (Main) are responsible for the expansion and new construction of more than 2,300 km of federal highways with a contract volume of over € 22 billion.

Challenges and key requirements

The flood of documents was growing and the call for an online collaboration was getting louder.

With the increasing expansion of the scope of tasks and activities DEGES faced a new challenge. Facing this required a realignment of IT in the organization, the initial trigger for the introduction of a file sync and share solution.

“We needed a unified document exchange platform to organize collaboration across departments and with external parties.”

— Jens Düssel, Head of IT and Organization

The goal was to provide a unified, easy to use, efficient project collaboration platform that can be managed by the employees themselves. DEGES’s requirements included:

  • Facilitating collaboration and team work across organizational boundaries
  • Seamless cross-platform, on-the-go document access across mobile, desktop and web platforms
  • Easy user interface, excellent user experience
  • Allowing users to self-manage, relieving IT administrators
  • Unified access to documents irrespective of underlying storage technology
  • Protecting data security without disrupting collaboration

DEGES initially tested ownCloud and after experiencing a number of issues they decided to look for a new platform that fulfilled all their requirements. They wanted to migrate & integrate into the existing infrastructure and workflows. That is when the decision to move to Nextcloud was made: a promising project with a roadmap for deeper, more integrated collaboration and communication that fulfilled their requirements.

Nextcloud: The solution

“Ease of use and ability to self-manage were key for users and acceptance of Nextcloud solution was immediate and enthusiastic.”

The different teams developed their own working methods and information silos. The highly qualified engineers, lawyers and business process experts at DEGES work on various projects and exchange documents across locations through a forest of different tools. Nextcloud provided an opportunity to consolidate. What DEGES was provided with by Nextcloud was:

  • Nextcloud Enterprise File Sync and Share solution and Content Collaboration Platform
  • Open Source, self-hosted (on premises), zero-licensing cost, no-vendor-lock-in
  • Efficient and easy to use web, mobile and desktop interfaces
  • Nextcloud Enterprise Subscription providing services and support
  • Professional Services developing required features and integration capabilities

Nextcloud’s specialized engineering team assists customers with support when needed and together with our sales engineers they manage to plan the development of new features and integration capabilities requested by customers, without neglecting the current roadmap, within time. A number of professional services projects for DEGES have been executed and more are work in progress.

Professional services

A small security improvement

DEGES used the notification application from the command line and noticed that in the output of PS on Unix, the username and password were visible while the command was running. A change was made in Nextcloud to allow passing the username and password via environment variables, hiding them from the command line. The credentials can be set using the NOTIFY_USER and NOTIFY_PASSWORD environment variables.

Bringing Deck forward

At DEGES the functionality of Deck app for Nextcloud were appreciated by the employees. The Deck app is a ‘kanban-style’ task management app. To improve the collaboration, DEGES requested the creation of activities and comment for the cards in Deck boards.

  • Activities for cards: creates events for activities inside deck. These contain information on the user who initiated the action, the time and details about what has been changed and adds a list of activities to the card sidebar
  • Comments for cards: users are able to add comments to a card’s sidebar, mention their colleagues and see an indicator for unread comments.

The work on this project was managed while several other projects are already being started for DEGES, including more sidebar features that will enhance sharing & monitoring capabilities for large projects.

Learn more

Read the full case study to learn more about the initial reasons that made DEGES look for an EFSS solution, the issues encountered while using ownCloud, why Nextcloud was a better solution, how the migration went and infrastructure decisions. Check here to find more whitepapers and case studies for a deep insight in what Nextcloud has to offer in your industry.

Nextcloud 17.0.1 is here, updates to 15 and 16 also out

Nextcloud image showing number 17
New minor releases of the Nextcloud server have been made available. As always, these include stability and security improvements that are designed to be a safe and quick upgrade. Of note is the availability of Nextcloud 17.0.1, bringing some 50 improvements to our latest release and preparing for general availability in our updater!

Running web facing software without regular updates is risky. Please stay up to date with Nextcloud releases of both the server and its apps, for the safety of your data! Customers can always count on our upgrade support if needed!

Nextcloud 17.0.1: over 50 improvements

This first minor release brings a wide range of minor improvements that fix corner case bugs, updates translations or deals with small design flaws. Fixes include:

Nextcloud 16.0.6 and 15.0.13 benefited from similar fixes, though far fewer in number. You can find the full 17.0.1, 16.0.6 and 15.0.13 changelogs on our website..

Stay safe: keep your server up-to-date!

Minor Nextcloud releases are security and functionality bug fixes, not rewrites of major systems that risk user data! We also do extensive testing, both in our code base and by upgrading a series of real-world systems to the test versions. This ensures that upgrades to minor releases are painless and reliable. As the updates not only fix feature issues but also security problems, it is a bad idea to not upgrade!

This is, of course, also true for apps: Keeping them updated has security benefits, besides the new features and other bug fixes.

If you are maintaining a mission-critical Nextcloud system for your enterprise, it is highly recommended that you get yourself some insurance (and job security… who gets blamed if the file handling system isn’t working as expected?). A hotline to the core Nextcloud developers is the best guarantee for reliable service for your users, and the job safety of you as system administrator.

gif showing upgrade from Nextcloud 17.0.0 to Nextcloud 17.0.1

FreshRSS 1.15.1

By: Alkarex

Changelog:

  • Features
    • New approach based on OPML to definite default feeds for new users #2627
  • API
    • Always send articles IDs as string, to fix compatibility with Reeder #2621
  • Bug fixing (regressions from 1.15.0)
    • Fix database auto-creation at install #2635
    • Fix bug in database size estimation with PostgreSQL for users with uppercase names #2631
    • Reset name of default category (which cannot be customised anymore) #2639
    • Fix UI style details #2634
  • Security
    • Improve cookie security with policy SameSite=Lax #2630
  • Misc.
    • Perform automatic git updates with safer fetch+reset instead of clean+fetch+merge #2625

Nextcloud Conference 2019 talks now online

Last September, the Nextcloud Conference brought more than 250 people to Berlin to share ideas, collaborate on Nextcloud and meet new friends, colleagues, partners and fellow users. Over 1500 people watched our live stream while made a series of big announcements and we’re happy to announce today that the videos can now easily be watched on our YouTube channel!

Opening keynote with 6 big announcements

Frank’s keynote started big, with a series of announcements! After reminding everyone of the goals and motivations behind Nextcloud and our mission and principles, he announced:

Watch the full keynote here:

Sunday keynote

The Sunday keynote was delivered by the Executive Director of the Smart Citizenship Foundation and international human rights lawyer, Renata Avila. She talked about the fight for a better, fairer and more open internet, digital colonialism and digital sovereignty, wikileaks, surveillance and especially censorship. Censorship is a intangible, arbitrary, unaccountable yet very powerful force on the web and a growing threat.

She made a powerful argument about how vulnerable our systems are to the whims of foreign, especially US companies and what a mistake it was to not deal with this issue over the last decades.

Talks and panels

The opening keynote was followed by Jillian C. York, Director for International Freedom of Expression at the Electronic Frontier Foundation and a fellow at the Center for Internet & Human Rights at the European University Viadrina. She talked about where our society is going when privacy falls apart. After her Markus Feilner gave a funny talk about the importance of good documentation.

Geraldine de Bastion Talked about robots and why open hardware matters for development on Sunday, while Thomas Lohninger called strongly on the audience for more activism for digital rights.

We organized two panels. The first was on Public money – Public code with participants from the Free Software Foundation, Deutscher Bundesjugendring, Open Knowledge Foundation and Nextcloud. We discussed the difficulties of explaining public organizations the benefits of using open source, sharing their code and avoiding the lock-in from proprietary vendors. And we asked – how can you help? The answer might surprise you – so watch the video!

A second panel covered diversity in open source, with Laura Gaetano, Frank Karlitschek, Jessica Green and Princiya Sequiera. Watch it here.

Lightning Talks

Of course, a big part of every Nextcloud conference are the lightning talks. The following talks were given on Saturday:

  • 0:00:00 Nextcloud Text – Julius Härtl
  • 0:05:39 Nextcloud Android App – Tobias Kaminsky
  • 0:10:48 Yunohost OS
  • 0:14:34 Google Summer of Code Experience: NextcloudPi
  • 0:18:25 Introducing Nextcloud to NGOs
  • 0:23:57 Prototype Fund
  • 0:29:06 Why the Opensource Center by Atos is developing a business model arounce Nextcloud?
  • 0:34:30 IBM Spectrum Scale – Real-time notification to Nextcloud using clustered Watch
  • 0:41:04 DICOM Viewer – Medical Imaging in Nextcloud
  • 0:44:53 Investigative Cloud
  • 0:52:08 How to collaborate on docs within your Nextcloud safely – ONLYOFFICE

Sunday we had the following talks:

  • 0:00:00 Nitrokey – Secure your digital life by Jan Suhr
  • 0:05:50 Building an accessible laptop with OpenBSD and Nextcloud by Stefan Sperling and Maurice Jones
  • 0:13:04 Solid by Mitzi László
  • 0:18:07 Usability and Accessibility by Jan C. Borchardt
  • 0:24:22 How to make your Nextcloud Storage Quantum Safe by Reiner Meyer-Rössl
  • 0:29:19 Univention x Nextcloud by Valentin Heidelberger
  • 0:38:50 Installing Nextcloud on your router by Michal Hrusecký
  • 0:43:30 Backing up your router to your Nextcloud by Michal Hrusecký
  • 0:48:26 Integrating Nextcloud to Sopher, an end-to-end encrypted communication platform by Benjamin Michéle
  • 0:54:28 Android Backup over Nextcloud by Ricki Hirner and Bernhard Stockmann
  • 1:00:03 Debugging Nextcloud PHP and JS by Julius Härtl
  • 1:05:08 Write support for LDAP
  • 1:10:05 Collabora Online & Nextcloud by Michael Meeks
  • 1:16:36 Desktop Client Login Flow Version 2 by Michael Schuster
  • 1:23:42 Virtual Data Rooms and Nextcloud

Thank you for participating!

We know a lot of you would have loved to be there! Stay tuned for next year, we’ll share the news as soon as we have a location fixed. The conference takes place in Berlin every year and we always strive to provide a great program!

❌