E2EE encryption production ready!
If you read this, you probably are interested in encrypting your data so only you are the only one that can access your data. However, there are multiple ways to encrypt your data. We are using Nextcloud.com as open source software, so we are using their options.
The option Server Side encryption (SSE) is used to encrypt the files from the Nextcloud instance. However, as it is the server who is doing the encryption, the decryption keys are stored on the server. If that server is in your home, that is fine. But if you are using a hosting service, the keys are on the server that is located at your hoster. If it's an evil hoster, they can access your keys and decrypt your data. That's why we don't believe in this kind of encryption: it still requires you to trust the vendor. A lot of vendors advertise with this feature, but in our view it's only as much worth as you trust your provider.
End to End Encryption (E2EE) is probably what you want if you are interested into encrypting your data. E2EE can encrypt your data and only you can look at it on your device like a phone or laptop. It has some drawbacks, like the server (and the webinterface) can't read the files as it can't decrypt them. This is by design because only you have the encryption keys on your device. Also collaboration and sharing files is not possible anymore unless you give others your secret. However, if you have sensitive files like a picture of your driver's license, this is a perfect fit. It also does not require to trust your hosting provider.
However, E2EE is a troublesome child at the developers at Nextcloud. We pledged quite some money to get it developed in early 2018, offered development time, used our silver partner status to keep pressure on, but it took a long time to get ready. This was even made harder as Nextcloud GmbH used E2EE a lot in their marketing even though it was basicly unusable and the status of development very unclear. We were quite frustrated with the lack of development, as we think we really need E2EE for our users. The whole goal behind The Good Cloud is that we are a full service provider, which takes care of all the aspects of hosting Nextcloud in a privacy friendly way. But in the end, it comes down to trusting us to be the good guys. E2EE takes away that need to trust us, which makes our service a whole lot more privacy friendly!~
But away with all our frustration! E2EE looks to be production ready! We would like to thank Nextcloud and thank any of our users who made it clear to Nextcloud this was a wanted feature!
Having said that, we do have some reservations with new features in Nextcloud as first versions seems to contain a lot of bugs (software errors). We always test new versions extentisively on our own environments and keep up with all the features/bugs in releases on github, where the software is being developed. So I would suggest you wait a bit until we give the all-clear, which probably will around the time Nextcloud 21 releases.
If you don't want to wait, we recommend using https://cryptomator.org. You can encrypt parts/files/subfolders for which you think E2EE is needed. It's additional software which we have succesfully used and trust. The big disadvantage it requires some technical skill and you would have to additionaly manage Cryptomator.
Scanning documents with Nextcloud mobile app
While we are all working at home, here is a little tip for you Good Cloud users out there. It contains scanning documents with your mobile phone directly in your Good Cloud storage. There is no obvious documentation, so I decided to do a blog post about this functionality as lots of users don't know the functionality exists.
As you probably know we use Nextcloud as our hosting software, which includes the mobile client. The mobile app includes a nice scan function for documents that is accessible anytime, anywhere and incredibly easy to use. I'm using Apple, so I'm using the Nextcloud iOS mobile client to take the screenshot.
What do you say?
Yes, I'm still waiting for my Privacy-friendly phone to be delivered, but that's a different story.
Open the Nextcloud app, click on the + and select "scan document":
Select "Scan document"
Then the camera will try to find a document to scan (you will have to allow camera access of course). You don't have to do anything except keeping your phone steady. If it doesn't succeed, you can take a pic manually.