My understanding is that Nextcloud doesn’t offer end to end encryption by default, and it is having lots of problems.
Can you help me understand the threat model of using Collective.Tools as a cloud provider for my files, calendar, and contacts in the US.
Perhaps it’s safer than a US hosted provider like Google or Dropbox because your based in Sweden but also more unsafe because the files are unencrypted on the server and in transit?
Is there anything that can be done on your end or mine to provide better security?
It looks like I can have more security by installing Crytomator and syncing an encrypted vault rather than the native files. Cross my fingers it works with Joplin.
Thanks for helping me better understand how this all works.
1 Like
Hi! There are a few different options for encryption, you can get an overview here: Encryption in Nextcloud – Nextcloud
The best developed one is server side encryption. We don’t enable that by default, but the group installations can chose to set it up themselves. It uses more resources and storage space, so groups will need to take that into consideration. Here is a setup guide for that Encryption in Nextcloud – Nextcloud
The end to end encryption that they are talking about on Reddit (on servers with not enough memory) is new from the last version of Nextcloud and we haven’t tried it out enough yet.
Here is more general info on Nextcloud security: How Nextcloud keeps your data secure – Nextcloud
The differences to Google are still enormous - the main thing being that they scan and sell your data to advertisers.
With Nextcloud you can move your data to other providers - and don’t get the lock-in to a cloud provider.
We also see our cooperative structure as a safeguard to your user data, our users also own the company.
I can’t see end-to-end encryption available as an option, so I’m guessing it is not supported by the server.
Hi @farnerup ! Yes the things I wrote above are for the group accounts, for the individual accounts we haven’t activated encryption. it’s something that we are considering and are interested to hear your feedback about.
It would mean that we encrypt the data of all individual accounts and possible drawbacks are that it’s a bit more complicated to reset your password if you lose it and the data would need a more server space so we probably need to increase the price a little bit. But I’m guessing that most users would still want it.
Well, for my part I would want encryption, if it is end-to-end.
Yes, the end to end encryption was still new when this thread started, but I think it makes sense to start using it when we upgrade to this version of Nextcloud: Announcing Nextcloud Hub 3 - Brand New Design and Photos 2.0 with Editor and AI - Nextcloud