Nextcloud 11 sets new standard for security and scalability

It’s certainly not a no-brainer. If it’s fixed it will be announced.

For a security related update I most certainly think it really is!

@grzegor Lots of people have different understandings and priosations for various topics. Also you cant implement everything that is nice to have in a timeframe of a few months. If this topic is super important for you either get a support contract or create a pull request.

1 Like

No, it’s not super important for me per se (I’ve been mounting external storage with encfs on system level for years so I’m not even using your encryption modules) - I just think it should be important for everyone for sake of their privacy. It’s a headscratcher that you would post a special major security related update (with a whole version bump for that!) yet didn’t address something that was discussed numerous times on github since 2014 if I recall correctly (thus why I considered this a little obvious security enhancement and not just nice to have as you said). I don’t think I can think of any modern software with file encryption capabilities that leaves the filenames unchanged. Actually, in today’s world even simply encrypting filenames doesn’t mean you’re on the safe side of getting criticized if you’re not doing them according to current standards (with init vectors chaining for example, so same files would have different encrypted names). And the best thing is that with your current security model in which you focus on encrypting external storage providers leaving local security on system level that could be actually achieved by a way easier workaround, by just generating UUIDs for each file and mapping them in a database. And this isn’t even my idea - I read it on oC’s github months ago! Besides that I gladly welcome the rest of enchancements in 11! Very nice to see that you’re giving a little more love to your outstanding product than it was getting while on oC branch. Hope now I managed to clarify my point a little better. Cheers! :slight_smile:

It’s a headscratcher that you would post a special major security related update yet didn’t address something that was discussed numerous times on github since 2014 if I recall correctly

It works like this: Developer picks a few topics he’s interested in or paying customers want, finishes and stablizes it, then whoever is responsible for PR goes over the features that were implemented. If a lot of security features went in, then he releases a post about that a focus of this release was security.

Again: Encrypting file names on external storages is not trivial nor important for many users (I for instance couldnt care less). It is important for a few users that actually use encrypted external storage (most dont because they use cheap webhosting) which want to upload their super secret or very damaging stuff (advice: dont upload anything like that at all or encrypt it before uploading). Adding the feature is also not as trivial as just adding uuids: the hardest part is migrating and encrypting existing data.

;D

@BernhardPosselt
I like very much your “controlled roll out” expression ! :smile:

@jospoortvliet
Thank you for your kind response. So i made the jump and did the upgrade with the updater and the beta channel (i’m now back on the stable one). All went well and smoothly, not a single glitch !
I didn’t have time to test everything thoroughly but as far as i went that 11.0 version seems a very good one and is slightly more responsive than the 10.0.2.
I will, as usual, report if i find something wrong.
Thank you to all for your great work !
Regards,

… file browsing is incredibly fast :smiley:

Thanks for the new release!

Great release! Upgrade to a new version went smoothly. Well, except it had some issues with .well-known directory which I use for verifying LetsEncrypt certificate. Is there a way to place that on some kind of “Update ignore list”?

Once I’ve moved that directory out of webroot everything went smoothly…

Sweet Godzilla.

:heart_eyes:

If I can help, count me in.

:heart_eyes:

You guys are phenomenal.

1 Like

Hi Pixolin,

The snaps don’t update via the updater app, they have their own mechanism where you don’t have to do anything for the snap to update. You can expect Nextcloud 11 in the snap some time early next year. It takes extra time to built and test that and we first want to release the image for the Raspberry Pi 3.

@grzegor in reality, very few people use the encryption app and none of our customers do. So, as @BernhardPosselt pointed out - this is in the end a community driven project. As in, if somebody does the work, it happens. I do believe there are discussions about doing something around encryption for Nextcloud 12, though, so perhaps this will get tackled. But no promises.

By the way, you can use the Encryption app with an object storage, in that case no file names are leaked. There is a work-around, thus. With regards to the UUID, that is what the object storage does and I suppose it would be possible to adapt it to the encryption app somehow. But it would require a major re-architecture of how external storage works, from what I can tell. In any case, perhaps for 12 or 13. We have plenty releases ahead of us :wink:

Thanks for caring!

I’m happy to take that compliment on behalf of the people who ACTUALLY do the work :stuck_out_tongue:

/me hides now for the bananas thrown at him

1 Like

Here’s another for you: I just upped to 11 manually and damn it is fast.

1 Like

Just upgraded my home NC 10 to 11: How bloody boring! 30 seconds of clicking and a 130GB NC jumps to the right (by one).

I resigned myself to this non distro integrated application a while back - I’m a sysadmin with 20 years experience of one or two systems and that is not the way “we” do things cough - I have not been disappointed yet. This particular NC started off life as an OC 7 on Centos and is now on Xenial.

For this update I didn’t bother with a snapshot first (I did check the backups though)

Good work devs n co. Love it - seriously boring upgrade. I’ll test the new functionality and move my other instances later.

1 Like

Had to work on upgrade automation :wink:
Just upgraded too.
Awesome work ! :ok_hand:
The new nextcloud app store is a big improvement.
Also, I really feel the improved performances when surfing in my folders tree & files.
Congratulation ! :thumbsup:

Calendar on Nextcloud 11 major bug spams a users contacts while importing a calendar from google

This is going to really piss off folks like me who saw this project featured on Linux Action Show and decided to import data into a new install…

They specifically touted this project as a replacement for Google Apps and Dropbox!

Well it seems like less marketing promo press releases and more devs testing especially the functions users use when adopting nextcloud is in order.

Major bozo move guys…

Regards,
Oclair

See: Calendar import google auto set to spam past appointment invitees

1 Like

If you would like to update […] wait for 2-3 weeks until we make the new release available in the Nextcloud Updater app

By this time, 7 weeks are gone, and I’m still not receiving an update notification on my Nextcloud 10.0.3. Will it ever come?

About 40% of the users now should have received a notification for Nextcloud 11.0.1. Every day this week, we add another 10% so by Sunday, everyone should be notified :wink:

Of course, if a big issue surfaces, we’ll slow down again.

2 Likes

Hope I will receive the update notification soon :wink: ( actualy 10.0.3 )

Any idea of when it will be available for 100% of users ?

Thank you for your answer and for everything !

We were a bit slow, we’re at 60 % now and I’ll ask for 80 today end of day :smiley:

Just get it today :wink: It’s on progress … thank you

1 Like