I have not much understanding of coding and server security. That being said Iâd like to hear some comments on a remark someone with more background made about Nextcloud a while ago (without going deeper into any specifics)
A:) âNextcloud in not secureâ
B:) âwhy?â
A:) âbecause itâs phpâ
B:)
beyond the fact this is a way too generic statement ⌠is there any grain of truth behind that from anyone perspective here?
Every programming language has its flaws. To say this one is more secure than another just prooves that that someone is either just trolling or does not know what he is talking about.
I totally agree with himbeere. No matter what programming language you use, if youâre bad at coding or have a bad quality assurance you will have security holes.
And here Nextcloud does a great job. They hire security specialist to perform a security audit and furthermore they have a well paid bug bounty program:
The technologies they use (Authentication, CSP, âŚ) are also state of the art.
And as always with every application/ service: you need to stay updated to profit from security fixes. Old software is always the biggest security flaw.
well ok, i know that both of 'em are quite modest and never would claim anything for themselves. so i think the solution-mark would better go to @himbeere b/c it was the fastest answer and the one @Schmu agreed to as well⌠hope this is ok for everyone
To mark the answer from @Schmu as solution would have been fine for me too. Whatâs the matter with that solution thingy anyways? Do I win a plant pot at some point?