FreshRSS

πŸ”’
❌ About FreshRSS
There are new available articles, click to refresh the page.
Before yesterdayReleases

Nextcloud QA – help us make the Nextcloud Android app even better!

One of the things that make Nextcloud awesome is our awesome community! The community helps us turn Nextcloud into something better than before and better than anything else! 🙂

We appreciate all the work and effort that the community contributes back to the project, by solving issues, reporting them, translating Nextcloud in other languages, promoting it or helping out other users on the forums.

Nextcloud QA

While contributors give a part of their time to make Nextcloud nicer, we try to make it easier for anyone to get involved and the Android team has been working on that.

Are you using the Nextcloud Android client? If so, this improvement is for you: super easy testing of improvements by making a special build of the Android app for each change 😉

What does that mean?

This means that you can be the one to test an improvement you requested to confirm it is solved correctly. Or even test other fixes if you would like to. A direct download for every PR has been implemented, so anyone can test the APK that includes the fix in parallel to the production version you are using.

If you are an Android user and while using Nextcloud on your mobile phone you encounter an issue with the app, first you have to create a bug report on GitHub. It is recommended that you first search for that problem in the “issues” section, as somebody else might have already reported it. In case you don’t find it there, continue with reporting a new one.

Then, when the Android team works on it and fixes it, they will ask you to test it. All you have to do is download the APK file we will provide you with, and you will be able to install the version of Nextcloud that includes the fix, testing it in parallel to the production version. Check if the issue is solved and let the team know about the result by commenting on that issue on GitHub.

If it worked, you can delete the testing version and we will include the fix on the next release so you or everybody can get the updates from the app store.

Nextcloud Dev

Another way to get involved in testing the Android client is Nextcoud Dev app, which you can download on F-Droid alongside with the official Nextcloud app. The Dev version checks once a day if the source code was updated and gets the changes from there, making all new features available for testing before the official release. This way, you can check if new fixes of the app work properly and also test new features before they are released as part of the official app.


Contribute to Nextcloud

This is a super easy way to get involved to Android client testing. Check here for more ways you can get involved and become part of the awesome Nextcloud community!

IONOS and Nextcloud together for more data sovereignty


With more than eight million customer contracts, IONOS is the leading European provider of cloud infrastructure, cloud services and hosting services. IONOS is Europe’s largest cloud and hosting provider and number two in the world! Nextcloud has teamed up with IONOS to offer users increased digital sovereignty: control over their data.

“Data sovereignty is an essential requirement for many customers when using cloud services to protect trade secrets. This applies to customers from the public sector as well as the private sector,” explains Frank Karlitschek, CEO of Nextcloud. Achim Weiß, CEO of IONOS, adds: “As German providers, IONOS and Nextcloud guarantee their users the sovereignty over their data – we rule out access by third parties as permitted by the US CLOUD Act. Our cooperation therefore gives Nextcloud customers the legal security they need”.

Nextcloud customers can use their data and applications on the IONOS infrastructure, allowing them to customize and add additional functionality under full control.

German location and Open Source as basis for transparency and data protection

Both IONOS and Nextcloud are headquartered in Germany and are therefore subject to German legislation alone. Users therefore receive maximum protection against access based on the US CLOUD Act.

In addition, the two companies rely on open source and thus differ from the major US providers. “The consistent use of open standards ensures transparency. Anyone can view the code at any time, check it for security gaps and change it if necessary. Moreover, only on an open source basis is it easy to link data and applications with other systems,” emphasizes Achim Weiß.

Greater awareness for more data sovereignty

In the coming months, the two companies want to further deepen their partnership and promote greater data sovereignty awareness. “Many companies and government agencies are putting much of their data in the hands of cloud providers from the USA. Nextcloud and IONOS want to work together to raise awareness of the fact that sensitive data in particular is better off with European providers,” says Achim Weiß.

Further information is available at: ionos.de/enterprise-cloud/nextcloud

The new standard in on-premises team collaboration: Nextcloud Hub

New generation of leading content collaboration platform integrates office document editing and collaboration apps, introduces workflows, rich work spaces, file locking and more

During a keynote presentation in Berlin, Nextcloud CEO Frank Karlitschek announced the availability of a new product from Nextcloud. Nextcloud Hub is the first completely integrated on-premises content collaboration platform on the market, ready for a new generation of users who expect seamless online collaboration capabilities out of the box.

Nextcloud Hub

Nextcloud Hub 18 brings the following improvements to millions of Nextcloud users:

  • 📁Files – features an improved sidebar, accepting internal shares & folder owner transfership
    • 🗃Workspaces brings context to your folders, facilitating collaboration in one place.
    • 🔏File locking prevents conflicts editing shared files with others
  • 🤖Flow – Brings extensive, easy to use workflow capabilities to Nextcloud. Automatically turn documents in PDFs, send messages to chat rooms and more!
  • 📝ONLYOFFICE – Built in ONLYOFFICE makes collaborative editing of Microsoft Office documents accessible to everyone
  • 📸Photos – A brand new image gallery makes finding, browsing and sharing your images easier than ever before.
  • 📅Calendar 2.0 – Calendar 2.0 books Talk meetings, brings busy view for meetings and resource booking and more
  • 📩Mail – Mail 1.0 recognizes itineraries, handles rich text mails and more
  • 🗣Talk – rewritten user interface brings message delivery notifications, circles support, message replies and flow integration

Videos

Watch these videos for an overview of what Nextcloud Hub can do for you!

Nextcloud Files
Nextcloud Groupware

Nextcloud Talk
Document Collaboration

Locking
Nextcloud Flow
Workspaces

Nextcloud Hub offers the most advanced on-premises collaboration platform complete with audio/video chat, real-time collaborative document editing, mail, calendar and contact management. Get started now!

Nextcloud 17 users can just upgrade as usual to 18, we encourage you to install the new and improved apps like Talk, Calendar, Mail, ONLYOFFICE and more. You will get notified of this recommendation on upgrade! As usual, upgrades only start to roll out after we’ve waited for initial feedback on the release, and roll-out is incremental so it can take a while until it is your turn. You can always update immediately by changing to the beta release channel, which serves 18.0.0 right now, and move back after the update!

Files

When logging into Nextcloud you are immediately greeted by Workspaces. With Workspaces you can bring context to your folders, adding notes and even todo lists and links to files on top. This is great to coordinate with your team, making sure everyone knows what a particular folder is for. The best part: Workspaces are also available on mobile!

Nextcloud Files also introduces a new, more responsive sidebar with a number of improvements. It shows other users who have access to a file, even if it is nested deep in a shared folder, and proposes a secure password you can use for a password protected share.

Accepting incoming shares is now possible, and in the sharing settings you can choose to transfer ownership of a folder to another user.

Last but not least, Nextcloud Files introduces file locking, to prevent conflicts with colleagues who are trying to edit the same files as you do. Of course with the office documents and text files in which you take notes, you can conveniently edit with others in real time, but sometimes you have to download a file to make local changes and upload it again. Simply choose ‘lock file’ in the 3-dot menu and the file will be locked until you unlock it. You can see who locked other files, and of course ping them on Talk or in the comments if you want to know why!

Flow

Flow makes it easy to automate repetitive, boring tasks. For example, let’s say you are a sales person and send quotes as PDF. You set up a flow that turns documents into a PDF when you add a tag, say ‘to-pdf’. Or, say you want to put a message in your teams’ chat room when a partner uploads files in a specific folder.

Apps can include flow elements like triggers or actions, and separate flow apps can be build. If you’re interested in building for flow, check https://nextcloud.com/developer for documentation!

Flow as administratorView as an administrator
Flow as a userView as a user
Flow with analyticsFlow with analytics

The first third party app that has flow integration is the Data Analytics app by developer Marcel ‘Rello’ Scherello. This application is designed to turn data into reports, tracking and analyzing data which can be imported through an API. Data Analytics provides modular datasources, a realtime or storage backend and flexibile visualization. Its flow integration allows it to monitor files for updates or act on other events on Nextcloud.

A video of Data analytics in action:
https://www.youtube.com/watch?v=qnNZafE7ECM

The wiki page about Data Analytics and Flow:
https://github.com/Rello/analytics/wiki/Flow-integration

ONLYOFFICE

Editing office documents is a basic feature users expect from a online collaboration solution. Nextcloud is proud to be the first on-premises content collaboration platform to feature out-of-the-box, Microsoft Office compatible document editing through ONLYOFFICE.

With its latest release also comes improved integration, with our sidebar available so you can easily share, comment or look at older versions of the document you are working on.

ONLYOFFICE’s community edition is installed by default on a new Nextcloud installation. For users who already run Nextcloud, installing it requires just one click – like all Nextcloud apps! No need for docker containers, web server configuration or other complications.

Photos

A brand new image gallery makes finding, browsing and sharing your images easier than ever before.

Photos shows you a timeline of your photos. In the left sidebar you can find your favorites and tagged photos. You can also find pictures in all the albums you have access to, including pictures people shared with you and external storage.

We should also mention Locations which uses the Maps app. This shows where pictures are taken on the world map!

Calendar 2.0 with Talk integration

Nextcloud Hub, introduces a much refined interface rewrite of our popular Calendar app. This major release brings many user interface improvements as well as some basic feature enhancements like advanced recurrence, a busy-view for meeting planning and resource booking and more. Calendar 2.0 now has integrated Talk rooms, allowing users to add a chat and video call to a meeting.

Mail 1.0 recognizes itineraries!

Nextcloud Hub marks the introduction of Nextcloud Mail 1.0. This release introduces the ability toe extract travel information from emails. Mails from airlines or train companies will be accompanied with an easy overview of your travel plans and the trip can be easily added to the Calendar.

The 1.0 release marks a large improvement for Mail, with full support for rich text mails, improved account handling, signatures and more. Version 1.1 is already scheduled for early February and will introduce improved caching and threaded mail view.

Talk

Talk 18 features a rewritten user interface with a focus on improving the chat experience of users. A few highlights:

  • 📫 message delivery notifications & delayed messages so users can keep typing messages while they get delivered in the background
  • 🔍 a new interaction with the conversations sidebar, adding a search on top and a dialog to create a new conversation
  • 👥 Integration with Circles allowing users to use these custom groups in Talk
  • 🗣 Replies using quotes
  • 🤩 Big emoji’s when they are the only thing in a message
  • 🔔 New message notification for background tabs

To prevent accidental clicks, Talk will warn you during a call that navigating away from the page will end the call.

Besides the direct improvements to Talk it is worth noting the benefits from integration with Flow and the Calendar.

As always – this has been a big release, with many improvements! And it would not have been possible without the help of our amazing community. Thank you all!!!

Nextcloud 3.10.0 for Android is here, bringing collaborative tools, dark mode, rich workspaces and more!

All the awesome, fresh new features of Nextcloud Hub (Nextcloud 18) have been made available today and some of them come to your Android client as well!

The 3.10.0 version of the Nextcloud Android client is out, bringing new functionalities and more than 150 fixes & improvements to the users. If your phone hasn’t updated yet, get the updates on Google Play or F-Droid!

Get Nextcloud 3.10.0 for Android!

Note: This release will be available on Fdroid after up to 24 hours.



Nextcloud 3.10.0 for Android



Nextcloud 3.10.0 for Android

What’s new?

  • Rich workspaces
  • Collaborative text editor
  • Clickable links in markdown previews
  • Simplified view for auto-upload items
  • Dark mode
  • More fixes and improvements
Rich workspaces

Find out more details and the full changelog here.

Rich workspaces

The latest Nextcloud server release, introduces rich workspaces, which are available also on the Android client. This is a new feature that allows you to embed text above a folder view. You can describe what that folder is about, what kind of files it contains, the nature of the files on that folder or anything that is useful for the other users to know.

Note: This feature is available for servers that are running Nextcloud 18 (or newer).

Clickable links on markdown previews

This improvement makes it possible to click links even on a downloaded markdown file when you access it locally on your mobile, enabling full access the content of your files!

Collaborative text editor

  • Edit text files on you mobile
  • Create new text files on your mobile

Markdown files are an easy way of taking meeting notes with your colleagues, drafting a new proposal during a team call, writing down some quick ideas or thoughts etc. After structuring the text with basic formatting in a human readable way you usually have to get back to it, maybe on the go, edit it again on your mobile and have full access on the content of that file. Maybe you need to share it with other people that will access it on their mobile. Or you might even need to create a complete new text file quickly using your mobile client.

Create new text document

Edit text document

Many syntax highlighting for markdown preview, in read mode only, became supported on the Nextcloud Android client 3.9.0.

With the new updates brought in this release you will be able to create new text files on your mobile and edit text on new or existing text files.

Collaboration on the go gets easier every time!
Note: This featuress are available for servers that are running Nextcloud 18 (or newer).

Simplified view for auto-upload items

Nextcloud 3.10.0 for Android brings improved view of auto-upload items, based on your own preferences! When auto-uploaded folders and files are too many they can create a visual mess sometimes, depending on your auto upload settings. Now, it’s up to you to choose how you want them to be displayed!

You can choose whether to show or hide auto-upload folders:

  • If you have all the folders hidden you get an action button that allows you to show all hidden folders, and displays the number of hidden auto-upload folders
  • If you have all you your auto-upload folders visible, you get the option to hide the folders you don’t want to be displayed
  • If you have some auto-upload files hidden and some others visible, on the bottom of the page you get the number of hidden auto-upload files

Show hidden folders

Show/hide folders

Dark mode

Dark mode

The dark theme becomes available in the Nextcloud Android client 3.10.0!

Enabling the dark mode while using your devices enhances visual ergonomics and reduces eye strain. It adjusts the screen colours according to current light conditions, providing more comfort at night or in dark environments.

A big thanks goes to our community members @AndyScherzinger and @dan0xii for bringing the dark theme to this release.

More

Of course many fixes, refinements and features are being made regularly and older versions of Nextcloud are not supported. If you run an outdated, unsupported Nextcloud, the Android app will warn you of the risks. Nextcloud 13 is the oldest release that will work with this version of our app and you will get a warning if you are still running Nextcloud 15 or older. We strongly recommend private users to upgrade their Nextcloud servers.

As companies sometimes have to use older versions, Nextcloud offers long term support. Contact our sales team for more information on this.

Thank you community!

A big thanks goes to all the awesome members of our community that regularly help us make Nextcloud better, by translating Nextcloud to other languages or reporting and fixing issues!

Would you like to contribute to our Android app too? Check out all you need to know here.

Feedback

We appreciate your feedback! If you’d like to share your comments with us, continue the discussion in our forums. What’s the best thing about the Nextcloud Android client so far?

Rate Nextcloud and win a $10 giftcard!

We’re curious to know what do you like the most about Nextcloud?

Nextcloud has a page on Capterra, a site used by business software buyers to find suitable solutions. Do you think they should consider Nextcloud? Do you want to make us happy with some nice words?

Share your opinion in a review during the holiday season and Capterra will give the first 100 qualifying reviewers a $10 gift card!

Your thoughts matter

First, we’d be happy to read what you think of Nextcloud – a positive review makes our day!

On top of that, every user can share their thoughts with others by rating Nextcloud and writing a review about their experiences. This way, Nextcloud has descriptions from the user’s perspective on Capterra and other prospective users can make the right decision about their private cloud software, more easily, based on real user feedback.

Note: gift cards will be sent 1-2 weeks after the review has been published. To be published, each review must pass Capterra’s validation, quality, and non-duplication processes.

Hurry up, the offer will expire soon!

Of course, in case you’d like to rate Nextcloud also when the offer has expired, you can do so in the following platforms:

We are looking forward to what you all have to say 😀

Happy holidays!

Meet us at the 36th edition of CCC – Chaos Communication Congress

Will you attend the 36th edition of CCC (Chaos Communication Congress) this year? It will take place in Leipzig again, this time under the moto ‘Resource Exhaustion’. We will be there and can’t wait to meet our amazing community!
36c3 logo

Visit our booth

We will have a boat this year again in the Open Infrastructure Orbit. Watch out for our big blue Nextcloud flag, and come say hi at our booth! Ask anything about Nextcloud, what’s coming next, how to get more involved, grab some cool stickers and tell us what you think about the project!

Event: CCC (Chaos Communication Congress)

Location: Leipzig,Germany

Dates: December 27-30, 2019

Find more details about CCC here.

Talks

Do you know everything about Nextcloud? We bet there are 12 more things about what Nextcloud could do that you don’t know and Jos will be talking about these at the OIO Stage. Come and watch the talk!

A dozen more things you didn’t know Nextcloud could do – Jos Poortvliet

“Consider this a follow-up from my talk about 200 things Nextcloud can do last year! An update on what’s new and some cool new stuff. What, what is Nextcloud? Let’s see. A private cloud is one way to put it, though that’s a contradiction of course. It is a way to share your data, sync your files, communicate and collaborate with others – without giving your data to GAFAM! Keep it on your own server, or something close (like a local hosting provider or data center). Nextcloud is a PHP app that does all that, and more! Easy to use, secure (really) and fully open source of course.”

Date: Saturday, 28 December

Time: 17:15

Already learned about Nextcloud Flow, coming in our next release? You can find out how to write flows in the talk by arthur!

“Nextcloud Flow is the overhauled workflow engine in upcoming Nextcloud 18. This talk describes how it evolved, how it works internally, and especially how own components can be built, so you can set up automatized tasks in your Nextcloud.”

Date: Saturday, 28 December

Time: 12:40

Check out the full program here for more talks.

We know that there will be other Nextcloud related talks at 36C3 but we haven’t been able to track them down yet, if you know of one, let us know so we can add it here!

The team behind all the organization of this awesome gathering still needs financial help to make the event possible. Check here if you like CCC and you want to contribute!

Nextcloud app iOS turns 2.25.2, plus a tip!

iOS client 2.25.2

The Nextcloud iOS app has been updated again with a number of nice improvements since our last announcement, as you might have noticed already. Nextcloud 2.24.3 for iOS is available in the App Store!

What’s new?

  • The 2.25.0 release introduced the start of a new driver, written totally in Swift, currently in v0.1 beta. This means that you will have a faster performance, command will be executed faster and the app uses less memory!
  • We have massively decreased the battery usage of the app in the background.
  • Now, the option to open/view documents with an internal viewer is available: long press or Peek&Pop on the document you’d like to open and select the “Open with internal viewer”
  • Several improvements have been made to the Dark Mode for iOS 13, including the fix of the option that resets the setting on the closing app. Enabling the dark mode while using your devices enhances visual ergonomics and reduces eye strain. It adjusts the screen colors according to current light conditions, providing more comfort at night or in dark environments. Dark mode (beta) arrived with Nextcloud 2.24.0 for iOS. Try it if haven’t already and tell us what you think! As it is still a fresh feature we would really appreciate your help in reporting issues in case you encounter any 😊

Other fixes and improvements made include:

  • Fixed permission delete folder
  • Improvements in web loginIntro view when phone is rotated
  • Fixed error when duplicate a folder
  • Disable [+] button when the folder is read only
  • Improvements and bug fixes in Files app
  • More fixes and improvements

Did you know this?

Document scanning feature

The document scanning feature gives you quality options for the PDF created and images can be rotated.

Document scanning lets you choose quality settings for the export. Options are:

  • LOW: 72 DPI – 595 x 842 px
  • MED: 150 DPI – 1240 x 1754 px
  • HIGH: 200 DPI – 1654 x 2339 px

As an example, this resulted in a one page PDF size with gray scale filter:

  • LOW: 92 kb
  • MED: 331 kb
  • HIGH: 512 kb

Images can be rotated before they are exported as PDF.

Scan step 1
Scan step 2
Scan step 3
Scan step 4
Scan step 5
Scan step 6

For more tips, stay tuned till the next release and subscribe to our release announcements newsletter.

Feedback

We appreciate your feedback! If you’d like to share your comments with us, continue the discussion in our forums. What’s the best thing about the iOS app so far?

Nextcloud 17.0.2, 16.0.7 and 15.0.14 available for update! Plus Beta 3 of 18 for testing.

Nextcloud image showing number 17
It is that time again: updates for the stable series of Nextcloud are available now. As always, these include stability and security improvements that are designed to be a safe and quick upgrade. This is one of the last for Nextcloud 15, so start planning an upgrade to 16. And those excited about Nextcloud 18 can start testing beta 3 which is available now!

Running web facing software without regular updates is risky. Please stay up to date with Nextcloud releases of both the server and its apps, for the safety of your data! Customers can always count on our upgrade support if needed.

Nextcloud 17.0.2: many small improvements

This second minor release brings a wide range of minor improvements that fix corner case bugs, updates translations or deals with small design flaws.

Nextcloud 16.0.7 and 15.0.14 benefited from similar fixes, though far fewer in number. You can find the full 17.0.2, 16.0.7 and 15.0.14 changelogs on our website..

18 Beta 3

Meanwhile, the 3rd beta of Nextcloud 18 brings a massive load of bugfixes and improvements, bringing us a lot closer to stability. We’ve got a lot of testers making a real difference and we want to say – keep it up! Grab the beta from the Get Involved section bottom right on the download page!

Stay safe: keep your server up-to-date!

Minor Nextcloud releases are security and functionality bug fixes, not rewrites of major systems that risk user data! We also do extensive testing, both in our code base and by upgrading a series of real-world systems to the test versions. This ensures that upgrades to minor releases are painless and reliable. As the updates not only fix feature issues but also security problems, it is a bad idea to not upgrade!

This is, of course, also true for apps: Keeping them updated has security benefits, besides the new features and other bug fixes.

If you are maintaining a mission-critical Nextcloud system for your enterprise, it is highly recommended that you get yourself some insurance (and job security… who gets blamed if the file handling system isn’t working as expected?). A hotline to the core Nextcloud developers is the best guarantee for reliable service for your users, and the job safety of you as system administrator.

gif showing upgrade from Nextcloud 17.0.0 to Nextcloud 17.0.1

Nextcloud on the way to Univention Summit 2020


As we want to offer business representatives an opportunity to meet our experts and learn more about Nextcloud, we’re planning to be present at many enterprise events. Meet us at Univention Summit 2020 in January!

Event: Univention Summit 2020

Dates: January 23 -24

Location: Bremen, Germany

Venue: Congress Centrum Bremen – Hollerallee 99 | 28215 Bremen

More information about the event here.

A booth, a talk and a round table

The Univention Summit will be a busy event for Nextcloud, providing one more opportunity to meet our team members. Come visit our booth and discuss our roadmap, latest improvements and development!

We will have a round table about digital sovereignty and our managing director will present a talk which answers many questions!

  • Digital sovereignty: what should Europe do? – round table
  • A New Direction for Nextcloud – Frank Karlitschek, Managing Director

    “It is 2020 and a change is in the air. Nextcloud today is the culmination of a decade of work, with a vision that has persisted and expanded, bringing digital sovereignty to individuals, businesses and governments. On-premises content collaboration is heading for the next level and Nextcloud is leading the way! Find out where we are going today. “

For more information on the talks keep an eye on the agenda.

Read the posts on our blog for more info on the events or subscribe to our newsletter!

3 easy predictions for ransomware in 2020

As the new year quickly approaches, cyber criminals are once again preparing to attack individuals and especially businesses. Their attacks will be more sophisticated and even better at extracting money from you. We make three easy predictions for the next year and urge you to be prepared:

via Liveuamap

Ransomware Petya in action (via Liveuamap)

1. Ransomware authors will innovate, too.
We are all in awe of the possibilities new technologies like machine learning, big data, the growing number of CPU cores and GPU acceleration bring. So are malicious hackers – expect them to pick up on these technologies. A major way will probably be through improving phishing techniques, improving targeted emails through artificial intelligence (AI) for example. That will allow them to avoid getting caught in spam filters and improve hit rates on victims. And faster encryption on modern multi-core CPU and GPU systems will make it even harder to detect and stop ransomware before it is too late.

2. Targeting will improve
Focusing on business targets has resulted in a massive increase in income from ransomware over the last years and there is no way this trend will reverse. Sadly, there are still countless businesses out there that have not taken many precautions and there is a lot of money to be made. Insurance companies are actually playing a key role here, as they pressure businesses to follow best practices to avoid having to pay out. But keep in mind that an insurance does not fully cover the massive costs of a ransomware attack in terms of lost time and data. They might pay off the attackers but do you really think any insurance covers the lost revenue due to your sales people being unable to work or the time lost fixing the computers of your employees?

3. Unknown exploits become more used
The increasing revenue from ransomware means its authors are more motivated and financially capable to acquire valuable, zero-day exploits. Theft of government-created exploits in the past has already shown one way this can affect even perfectly up-to-date systems and the rising value of exploits on the open market will result in more attacks like that.

All this means prevention will only go so far: recovery will become more and more important. That is, backups, and of course easy, powerful tools like Nextcloud’s unique Ransomware Recovery mechanism which can automatically recover all ransomware-encrypted files after an attack.

Nextcloud will rock FOSDEM for another year! Are you ready?

Awesome news!

Like past years, in February 2020 we will be present at Fosdem and again we will host a booth, along with our friends from DAVDroid and ONLYOFFICE this time! Even our friends from Bareos and Rocket.chat might join, seems fun 😃
People from our team will be there and we hope to have a large presence of our community too!

Come and find us at our booth, ask what’s awesome about nextcloud and what’s coming next! Collect some Nextcloud or “who owns your data” stickers, cool swag and find out more about our future events, latest news and open source friends!

Event: FOSDEM

Location: ULB Solbosch Campus in Brussels, Belgium

Dates: February 1-2

Find more information about the event here.

Help us at the booth!

The previous years we had teams of over a dozen enthusiastic volunteers to present our project to the thousands of visitors and this year, we hope to have an even bigger and cooler presence. We’re always very happy to have a large team of volunteers there, which allows us to be literally everywhere at the event! Would you like to help us? Find out more here.

Booth location & talks

Usually stands are located in three buildings on the campus: the upper and lower corridors of the K building, the lower floor of H and the corridors of AW. The list of stands with their location will be available on the FOSDEM website. We will update you with the exact location once we know it 😉 and we will list here all the talks from our community as soon as we’ll know more about those!

If you’ll present a talk related to Nextcloud, shoot us an email to events@nextcloud.com with the details (title, short description) and we’ll add it to this post 🙂

Happy FOSDEM everyone!

Nextcloud 3.9.2 for Android is out! Plus tips about markdown preview and calendar integration

Android client 3.9.2

Starting from today Android client 3.9.2 is available in the app store! Yesterday we released the 3.9.1 version of our Android app, a minor release bringing small fixes, lots of improvements in translations and other refinements.

Note that we released 3.9.2 today as a result of a bug that caused a login loop in cases when app protection was enabled. The bug is now fixed! If you haven’t enabled automatic updates in your mobile, please update your app to 3.9.2.

Improved image viewer

On certain devices, the app crashed when you opened a png image and then clicked on it to replace the transparent background with the chessboard-style pattern. The issue is now fixed by using png instead of a vector drawable for bitmap without causing the app to crash.

 

Get the app

Note: This release will be available on Fdroid after up to 24 hours.



Nextcloud 3.9.2 for Android



Nextcloud 3.9.2 for Android

Nextcloud 3.9.0 for Android

In case you missed it, we released Android client 3.9.0 with some awesome new features last month. Read about the remote wipe integration, new media player and many more!

Tips: did you see these?

Make your life easier with some Nextcloud Android app features you might haven’t noticed yet.

Markdown preview with syntax highlighting

Markdown preview with syntax highlighting
Markdown files are an easy way of taking meeting notes with your colleagues, writing down some quick ideas or thoughts, drafting a new proposal during a team call etc. After structuring the text with basic formatting in a human readable way you usually have to get back to it, maybe on the go, or you share it with other people who access from their mobile phones.

Many syntax highlighting for markdown preview, in read mode only are now supported in your Nextcloud app for Android. Markdown files are human readable and well structured even when you access them on the go!

DAVx⁵ integration

DAVx⁵ has released its 2.6 version which is compatible with Android 10 and Nextcloud Login flow is implemented. You can even setup DAVx⁵ from your Nextcloud app with 2FA. Note that this is supported by Nextcloud Android app 3.9.0 or newer.

Check the video here for a step by step demonstration.

More

Of course many fixes, refinements and features are being made regularly and older versions of Nextcloud are not supported. The Android app warns you of the risks of running an outdated version. Nextcloud 12 is the oldest release that will work with this version of our app. We strongly recommend private users to upgrade their Nextcloud servers.

As companies sometimes have to use older versions, Nextcloud offers long term support. Contact our sales team for more information on this.

Feedback

We appreciate your feedback! If you’d like to share your comments with us, continue the discussion in our forums. What’s the best thing about the Android app so far?

Thank you community!

A big thanks goes to all the awesome members of our community that regularly help us make Nextcloud better, by translating or reporting and fixing issues!

Would you like to contribute to our Android app too? Check out all you need to know here.

Enterprise File Sync & Share – what it is and what to look for

An Enterprise File Sync and Share (EFSS) is a piece of software that gives users access to documents, photos and videos on any of their devices. It also allows them to easily share these documents with others. In this blog we highlight some typical features of EFSS and what to look for in a solution.

According to TechTarget, the most common reason for deploying an EFSS is to prevent users from using consumer-based file sharing apps to store, access and manage corporate data outside the IT departments’ control and visibility.

Key features

EFSS applications generally offer the following abilities:

  • Sync files from corporate storage to user desktops and mobile devices so users can work wherever they are
  • Let users share links to files and folders within and outside the organization to simplify collaboration
  • Integrate in existing user management and enterprise applications so IT can manage access and permissions to data
  • Protect data with anti-virus, encryption and Data Loss Prevention and provide auditing and reporting on activity around files

Most EFSS solutions are cloud based. There are some hybrid or on-premises alternatives.

What it looks like

file view
A typical EFSS web interface showing files and a sidebar with sharing options for the selected file
sidebar with talk
More advanced solutions allow real-time document editing and communication in one interface
access on any device
These features are all available on mobile so team members can work wherever they want

Differentiators

What differentiates EFSS solutions? The most important factors enterprises look for are these:

  • Ease of use.
    A simple, familiar interface is key for fast adoption. While, for example, some more complex document management solutions, groupware products or workflow tools have some EFSS features, they tend to be too complicated so users keep using Dropbox or Google Drive.
  • Infrastructure integration
    Another key barrier to adoption is integration in existing data silos and user management. While most off-premises solutions integrate with Active Directory, data typically has to be migrated. On-premises solutions can offer access to existing data on Windows Network Drive, Sharepoint or FTP storages, as well as Outlook and other integrations.
  • Integration of collaboration
    The market is quickly moving away from file exchange solutions and towards integrated work flows with video chat, task management and collaborative document editing built in (thus evolving into “content collaboration platforms”). Solutions which are slow to adopt to these trends present a long-term risks for their customers as migrations are costly.

Security

EFSS software is entrusted with highly valued and sensitive data. The loss of company secrets due to theft, the risk of leakage of private customer data or the productivity hit of a ransomware attack is huge and thus EFSS vendors offer a range of cutting-edge security capabilities. Look for these when picking a secure solution:

  • Multiple layers of encryption for in-transit, on-disk and client-side protection
  • Active security measures like advanced two-factor authentication and ransomware protection
  • Technological hardenings like brute force detection and browser-security like CSP and SCC
  • A well-ran security bug bounty program (example) to balance out the value of the data you store
  • Unique features showing a vendor takes security serious, like machine learning based protection or novel file sharing protections

You can compare the most popular cloud-based EFSS, Microsoft OneDrive, with the most popular on-premises solution, Nextcloud.
Compare OneDrive and Nextcloud

Unique sharing security: video verification


Nextcloud features a unique and extremely powerful security feature you can use to give your shares the ultimate protection: video verification.

When you need ultimate protection

Imagine you need to share very sensitive data to somebody. Say it is the result of a medical test, or important financial data. You want to make sure nobody else than the intended recipient can gain access to this data.

You could send a link with the files, protected with a password. Sending the password separately means a third party trying to intercept the communication will have a hard time catching both the link and the password. However, often both still arrive on the same mobile phone. Moreover, it is not that uncommon that more than one person have access to that device: a spouse, or kid, for example.

Video Verification

Video Verification is a very powerful and innovative way to verify the identity of the person you share with before you hand them over the password for the share. Rather than emailing or sending the password over chat, the recipient of the share has to use a video call to request the password from you. This eliminates the risk that a spouse, kid or hacker who has access to their email or mobile device has a chance to see the data.

That call can come in through the mobile apps for Talk, making it easy for the sender to pick up.

How to use it

To enable the additional protection afforded by Video Verification, create a shared link and set a password. Then, when you go to the share menu again, you can enable the ‘Password protect by Talk’ option which enables video verification. Note that this feature requires your server to have Talk installed!

The recipient of the share will have to have a webcam and microphone so the sender can see and hear who is requesting access to the data. There is a great tutorial on Techrepublic about using video verification!


Enable video verification

The link the recipient receives

Starting a call to request the password

The video below shows fully how Video Verification works.

Meet Nextcloud experts at Paris Open Source Summit

Like the past years, this December we will be present at Paris Open Source Summit offering business representatives an opportunity to meet our experts and learn more about Nextcloud.

At this major enterprise open source gathering, our team members will give three talks and we will have a shared booth with our partner Arawa.

Event: Paris Open Source Summit

Dates: December 10 – 11

Location: Paris, France

Venue: LES DOCKS DE PARIS – 50, av. du Président Wilson 93200 La Plaine St-Denis, 100 meters away from the Door of the Chapel, The Docks of Paris are situated on the axis of communication Bets / stage of France.

More practical information here.

Visit our booth

We will be there with both French and English speakers. Come visit our booth (C08) and discuss our roadmap, latest improvements and development! You can come by any time, but if you want to discuss a specific point or want an appointment with us, you may want to send an email to events@nextcloud.com

Talks

Two of our team members will give talks at Paris Open Source Summit. Check the full schedule here.

  • Venez découvrir pourquoi Nextcloud est de plus en plus installé en France

    Olivier Paroz – Tuesday, December 10, 14:35 – 15:00

    Discover why Nextcloud is increasingly installed in France

    The demand for online collaboration and communication tools is growing rapidly. Nextcloud offers a real alternative to the solutions of American giants while remaining 100% Open Source and allowing organizations that use it to keep control over their data. It is for these reasons that Nextcloud is increasingly used in France, whether in Ministries, universities or companies.

    “I will present to you the progress made over the past 12 months, as well as some concrete cases.”

  • Le Spleen du mainteneur: ne négligeons pas la sécurité organisationnelle dans l’open source !

    Nina Cercy – Wednesday, December 11, 14:45 – 15:30

    The Spleen of the maintainer: let’s not neglect organizational security in open source!

    November 26, 2018: the event-stream security team, an npm package, is contacted about an infected package that allows its author to steal Bitcoins. Oh no, there’s no event stream security team. We therefore contact the person responsible for the package directly. Well, it turns out she’s no longer holding the package. Come on, let’s wake up the CISO of the compan… Neither? Are we turning against the company that audited such a widely distributed package? Audiwhat? There was no illegitimate elevation of privileges. No spoofing. No vulnerability in the Github code, neither on the app side nor on the npm side itself. Just a smart attacker who asked to maintain an npm package and quietly injected his malicious code once the official maintainer. In open source, the trust chain is essential to ensure development security, and organizational security is sometimes overlooked: let’s look at the good practices to be put in place.

  • Open source et RGPD : quel partage de responsabilités ?

    Nina Cercy – Wednesday, December 11, 16:00 – 16:30

    Open source and GDPR: which division of responsibilities?

    While the case of SaaS vendors has been quite well defined, the regulation around the responsibilities of open source vendors towards the GDPR remains unclear: who is responsible in case of a security breach? What is the status of the publisher? What about support ? A brief overview of the thousand complex situations that can arise when developing in open source.

RSS-Bridge 2019-12-01

General changes

  • Bridge contexts with same parameter names but different number of arguments no longer result in a "mixed content parameters" error (#1211)
  • The composer file now contains all necessary details about the project (c334df9)
  • Many more bridges now use secure HTTPS (#1337)
  • Added an option to change how RSS-Bridge reports errors (#1071)
  • Added an option to suppress error reporting (#1179, #1359)
  • Added visual indicator for fields with additional information (#1173)
  • Added an action to check bridge connectivity in debug mode (#1147)
  • Added syndication links to the HTML format (#1348)
  • Dropped the minimum security level for the Docker image back to TLS 1.0 (1df3598)

New bridges

Modified bridges

  • Bandcamp
    • Added band and album feeds (#1317)
  • Basta
    • Fixed a PHP 7.4 crash (#1323)
  • Desoutter
  • Extreme Download
    • Updated website URL (#1303)
  • Facebook
    • Clarified Facebook bridges (#1221)
    • Updated Facebook URL detection (#1334)
    • Fixed permalink issue (#1358)
  • FB2
    • Clarified Facebook bridges (#1221)
  • Google Search
    • Fixed no results (#1329)
  • GQMagazine
    • Fixed by following website changes (#1281)
  • Instagram
    • Added an option to get direct links (a2e47a8)
    • Fixed GraphSidecar output and embedded videos (#1361)
  • Kununu
  • Mediapart
    • Fixed article parsing (#1293)
  • N26
    • Updated to reflect changes on N26 blog (#1295)
  • NineGag
    • Added filter option for animated content (#1374)
  • Pikabu
  • Soundcloud
    • Automatically acquire client_id (#1375)
  • StoriesIG
    • Added timestamp for each feed item (#1331)
    • Added custom feed titles (#1332)
  • Vk
    • Fixed photos and timestamps (#1287)
    • Changed the access token (#1357)
    • Added internal links in posts (#1363)
  • Zone Telechargement
    • Annuaire Telechargement has changed name again to go back to Zone Telechargement. (#1302)

Removed bridges

Time for the next contributor week in Berlin!

The first week of November, we concluded another successful hackweek! We’ve worked on improvements for Nextcloud 17, we focused on Nextcloud 18 and of course spent time together.

Time for the next contributor week!

Now is the time to set a date and work all together again! All Nextcloud contributors are invited to join us on January 13-18, 2020 in Berlin. We will still be hacking on Saturday, January 18, so if you can’t join us during the week days join us on Saturday!

Practical information

Location: Nextcloud GmbH office in Berlin, Germany

Address: Tempelhofer Ufer 23-24, Berlin.

Bring: Your laptop and enthusiasm 😀

How to get in: Once you’re there, ring the bell and find us on the fourth floor

Focus

As usual, there are topics we want to focus on during this week. Nextcloud 18 is on its way, we’ll also plan and work on Nextcloud 19. We hope to help people get involved and look at the state of our apps, preparing for the upcoming release.

What is this Contributor Week you speak of?

If you have known Nextcloud for a while, you may have heard about these focused work weeks when we used to call them “Hackweek”. Contributor weeks or hackweeks are weeks we decide to get together to discuss and work to move Nextcloud forward.

We focus on getting work done and being productive: going through issues, discussing and fixing them, working on our code and so on. Just more together, rather than remote as we typically do! It’s a nextclouders gathering with lots of working and fun!

Travel support

On October 30th, 2018, we released our own program to support diversity in Open Source: Nextcloud Include. With this program, we provide mentoring and internships to people from underrepresented groups in the tech community, and – even more relevant to the topic of this post – we help you to join us at events like our yearly Conference or our Contributor Week! Want to join us in Berlin? Check nextcloud.com/include and get in touch with us to request travel support!

Of course, even for those who aren’t part of underrepresented groups: As usual, all Nextcloud contributors are warmly welcomed to join us! For those among you where financial issues limit travel possibilities, you can email us here, sending some links to your contributions.

In any case, don’t forget to bring your laptop and help us get some work done!

We look forward to seeing ya’ll in Berlin!

Nextcloud supports open letter to improve e-evidence

During this week, the LIBE committee of the European Commission will read a draft report on e-evidence. This report includes a proposal for cross-border access to data for law enforcement which would allow foreign law enforcement agencies from across the EU to force companies to hand over customer data without a check by local authorities.

A big problem for local EU IT businesses

While further and deeper integration of EU law enforcement is not a bad thing, this proposal puts the onus on verifying the legality of this request on the recipient. While large companies like Google certainly have no problem with this, a small local hosting provider which manages Nextcloud for its customers would not be able to even properly authenticate the foreign authorities, let alone object to illegitimate orders!

This would obviously be bad for the many thousands of independent hosting providers in Europe as well as the privacy and security of their customers, providing a huge benefit to the established internet molochs Google, Amazon, Microsoft and others.

Together with Mailfence, Tutanota, ProtonMail and Matomo, Nextcloud has signed a public letter to the LIBE committee. We’d like to not only thank our co-signatories, but also do a call-out to privacy-tech.eu who brought this issue to the forefront.

You can download the public letter here.

Our recommendations

A few recommendations are made in our letter. First, we’d like to see a number of improvements which were already in the draft to be picked up:

  • Involve national judicial authorities whenever foreign data requests come in
  • Define workable data categories
  • Enable online service providers to inform their customers about foreign data requests having taken place as long as that does not obstruct an ongoing investigation

We ask for a few further improvements:

  • The reimbursement of costs incurred from data access requests by the issuing authority should be mandatory (as proposed by MEP Sippel’s amendment 168) but the reimbursed amount should also be proportionate to the amount of data requested. This would help preventing fishing campaigns without suspicion where a law enforcement agency demands large amounts of data in the hope of finding unrelated evidence.
  • The draft report should mandate a secure way of authentication and of exchanging information between companies and law enforcement agencies. Currently, too often tech companies receive requests for data via fax machine or unsecured emails, putting the data that is transmitted in both directions at risk. It is particularly crucial for companies to be able to authenticate with absolute certainty the foreign authority they are communicating with in order to avoid the leakage of customer data to malicious actors.

We hope the EU commission will take our feedback serious and we urge everyone to spread this message and voice support for the EU privacy tech business!

FreshRSS 1.15.3

By: Alkarex

Changelog:

  • Bug fixing (regressions from 1.15.x)
    • Fix adding categories in MySQL 5.5 #2670
    • Fix saving sharing integrations #2669
  • Compatibility
    • Add fallback for systems with old ICU < 4.6 (International Components for Unicode) #2680
  • API
    • Do not obey rel=self feed redirections when WebSub is disabled #2659
  • UI
    • Start adding support for RTL (right-to-left) languages #2656
  • Deployment
    • Docker: Ubuntu image updated to PHP 7.3.11
  • Misc.
    • Add more log when errors occur when saving a profile #2663
    • Improve Makefile with port override #2660
    • Update a few external links to HTTPS #2662

Nextcry or how a hacker tried to exploit a NGINX issue with 2 Nextcloud servers out of 300.000 hit and no payout

As you might have read in various news outlets, an attacker has been trying to use a known and reported NGINX/PHP-FPM bug (CVE-2019-11043) to break into servers. After breaking into the server and gaining control, the attacker used a compiled python script that encrypts data in the Nextcloud data folder and unsuccessfully tried to get ransom paid for decrypting it. The servers that were broken in were two private servers. As most Nextcloud users don’t use NGINX and those who did have largely updated following our warnings 3 weeks ago, only these 2 servers out of 300.000 are known to be compromised and no ransom payments to the bitcoin address have been made.

As the attacker gained full control over the server through a bug outside the control of Nextcloud, we could not do anything other than warn our users to update and secure their servers. For this we reached out through social media, mailing lists and our blog and also used our administrator notification feature to reach out to all server administrators (who did not disable this feature).

We repeat our official statement to the press below.

We are confident that the attack vector was the nginx+php-fpm security issue that hit the web some time ago.

While it was not an issue in Nextcloud itself, we informed our users through all channels we had available, including a direct notification to all administrators of Nextcloud servers. This likely explains why so few servers were impacted out of the hundreds of thousands of Nextcloud servers on the web.

We consider it a lesson that shows the value of taking security serious. We urge other PHP based projects to also issue warnings to their users about this issue, as this vulnerability persists for some.

Some background on the issue:

PHP bug report: https://bugs.php.net/bug.php?id=78599

Our blog: https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/

CVE: nvd.nist.gov/vuln/detail/CVE-2019-11043

So the “task” of the hacker was:

  1. read our blog
  2. find Nextcloud servers
  3. Try to execute the exploit of php_fpm+nginx

The attacker bothered to write a python script to explicitly target Nextcloud servers. We hope the lack of results will help act as a deterrence from doing this in the future.

Given we have a USD 10K security bug bounty program, we’d expect most hackers that find an issue in Nextcloud serious enough to do this to report it to us.

Until now, nobody has found such a serious vulnerability, but if you think you know one, please report it and collect your bounty! We are the only on-premises file sync and collaboration solution with such a big bounty, showing how serious we take security.

Bleepingcomputer which first reported this issue noted about the bitcoin wallet the attacker used:

no transactions have been recorded until now

While we are of course sorry for the two users who’s servers were hit, we are also glad that this incident shows that our prompt and (by some called over-the-top) response to the security issue in NGINX and PHP-FPM was effective in helping protect our users from the risk.

❌