Security in Nextcloud: how to block 99.9% of user account attacks

📰 News
14

Yes, it is a pretty sensational title :wink:

But I got your attention, didn’t I? And that is literally my job :wink:

I didn’t even cheat by putting sex in the title (which according to research works even better). Hey, a title needs to make people want to read the article.

The accuracy of it - well, depends on context - you can also quite easily claim that using port 23 for ssh blocks 99.9999% of all attacks on SSH - technically correct but not all breaches are, of course, caused by that same type of attack. So it’s both true and not, I suppose.

Anyhow. Let me update the title a bit and call it ‘user account attacks’. That’s probably a lot more accurate, and doesn’t discount that there are 10.000 other types of attacks on servers. And it is still clickbaity enough to upset a few pedantic people :smiley:

But please understand - there are two things that make a project like Nextcloud successful. Doing interesting things is one. And the other is talking about it. If you don’t do one of those, you’ll just end up another irrelevant product and that is not what we want so yeah, we talk about it. And use most tricks in the book. Not all, we don’t pay google and facebook for ads, for example, but we do try to write, ehm, good (maybe clickbaity) titles to get attention for example. And we develop some features almost purely for PR reasons.

I totally get that some of you don’t like that, really. I don’t like sensational news or people who intentionally post outrageous stuff on twitter to get more followers. But the sad reality of the world is that it works and thus we can’t afford to not play the game if we want to be relevant. And I want MORE for Nextcloud to be relevant than that I want to be super realistic and be liked by everyone in tech all the time, sorry.

As another outrageous example I’m happy to discuss with tech people is how NextCLOUD is totally wrongly named and isn’t a cloud at all because a cloud is (blablabla). I’m happy to agree, it is 100% correct: Nextcloud is not SaaS, PaaS or IaaS. It is not a cloud in terms of AWS and OpenStack. But we still won’t rename it. And we don’t apologize for this name because IT WORKS, laypeople understand the name even if it irritates a few pedantic nerds. Sorry, not sorry. See, you can be right AND wrong at the same time :roll_eyes:

:heart_eyes:

1 Like