In this discussion it is clear that some of the problems of nextcluoud that are being discussed here are now overcome. However, in the privacyguides forum they continue to talk about nextcloud as a system that is not sufficiently secure. In particular, it seems that the public instances based on nextcloud have vulnerabilities.
I am very sorry about this because the principles that underlie the nextcloud and /e/ cloud projects are of great value to me: either open development, the use of federated protocols, etc.
This recent article lays out the results of some audit on nextcloud’s ability to withstand attacks and the performance would seem to be quite poor (some comments on this article can be found in this thread). Conversely, the results of the tests carried out on proton services seem to be quite satisfactory:
- Security audit results for Proton Mail(new window)
- Security audit results for Proton VPN(new window)
- Security audit results for Proton Calendar beta(new window)
- Security audit results for Proton Drive beta
What can you tell me about it?
I would also like to know if it is true that the synchronization of contacts and calendar in /e/ os does not use encryption. Thank you