📝 Correction | Nextcloud is NOT End-To-End encrypted #1794
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#1794
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Description
The text on https://www.privacytools.io/software/cloud/ reads:
(emphasis mine)
I'd suggest to remove any references to E2EE entirely for this software, unless Nextcloud can provide proof / instructions that it's possible.
Why I am making the suggestion
False advertising of features.
My connection with the software
I have tried the software because privacytoolsIO recommends it, especially because I was looking for E2EE. I followed the self-installation instructions for my Debian server (using docker), installed the client on Windows and Android, only to find that there exists no E2EE option anywhere in the app on Windows, Android or on the server Web UI. The files can be read unencrypted in clear-text on the server(!) when accessing the server via either SSH or SFTP.
Their website has:
and if I understand correctly, to enable it as admin you install this
However we should probably have a warning label that the upstream says End-to-end encryption is still in alpha state, don't use this in production and only with test data!
It looks like the issue that has been linked to the warning label (https://github.com/nextcloud/end_to_end_encryption/issues/111) was closed after this PR was merged. Should we update the link to somewhere like https://help.nextcloud.com/t/help-test-the-latest-version-of-e2ee/87590 instead?
probably create a new issue or PR, would be the right place.