Nextcloud already supports E2EE, but there are still some very useful features missing:
- Secure sharing with other users without the need to enter passwords. (not yet implemented)
- Efficient sharing and revoking shares without the need to re-encrypt large files. (not yet implemented)
- Supports a Hardware Security Module for enterprise environments which enables securely issuing new keys to users. (not yet implemented)
- Supports an offline administrator recovery key to be kept in a physically separated location. Users get warned when this key is enabled. (not yet implemented)
Apple’s iCloud also doesn’t have full support for all its features when using E2EE, e.g.:
> Advanced Data Protection is designed to maintain end-to-end encryption for shared content as long as all participants have Advanced Data Protection enabled. This level of protection is supported in most iCloud sharing features, including iCloud Shared Photo Library, iCloud Drive shared folders, and shared Notes.
>
> iWork collaboration, the Shared Albums feature in Photos, and sharing content with “anyone with a link,” do not support Advanced Data Protection. When you use these features, the encryption keys for the shared content are securely uploaded to Apple data centers so that iCloud can facilitate real-time collaboration or web sharing. This means the shared content is not end-to-end encrypted, even when Advanced Data Protection is enabled.
Owning and having control of your data is one of the key benefits of Nextcloud over other cloud services (e.g., by running it on a bare metal server/VPS using E2EE or using a home server to make sure only you can access your data). When other services (like iCloud) apply the same (or even better) E2EE, some of these benefits of Nextcloud are now gone.
There are still many reasons to favor Nextcloud (open source, created and maintained by a European non-big tech company, trust, etc.), but I’d like to have a discussion on how iCloud’s E2EE might remove a big reason for quite some people to use or move to Nextcloud. I think that other big tech cloud services will have to follow Apple and offer E2EE as well, so this discussion seems urgent.
Some talking points:
- Nextcloud’s E2EE has to be top notch: it needs to restrict Nextcloud’s features as little as possible and be extremely easy to use and solid. Ideally it’d be on by default (only people that fully trust a bare metal server/VPS or use a home server or only host public data might want to explicitly turn it off and maybe enjoy a bit more functionality in return).
- This situation reminds me of Signal and WhatsApp. When WhatsApp implemented E2EE (actually created by Signal), the main selling point to move to Signal was gone. The remaining selling points are more subtle for the general public (open source, encryption of more metadata, foundation instead of big tech, trust).
I’m very interested in what others think about this! Is it a problem? Maybe not as much?