ownCloud began at a KDE community event in 2010, aiming to bring greater flexibility, access and security to data in the cloud. ownCloud enables universal access to files through the widely implemented WebDAV standard, providing a platform to easily view and sync contacts, calendars and bookmarks across devices while supporting sharing, viewing and editing via the web interface. Installation has minimal server requirements, doesn’t need special permissions and is quick. ownCloud is extendable via a simple, powerful API for applications.
With more than 450,000 users, ownCloud offers the ease-of-use of Dropbox with more flexibility and security. ownCloud users can run their own file sync and share services on their own hardware and storage, use popular public hosting and storage offerings, or both.
Other major improvements:
- Drag & Drop File Uploading – Enables end users to upload a file from a browser without installing a client. Simply open a browser, log in and then drag from the desktop into the ownCloud window.
- Shared Calendars and Calendar categories – End users can sync their own calendar, but also share their calendar with others, enabling them to see and schedule appointments while looking at the user’s schedule.
- File Encryption – new server side encryption increases file security while at rest – not even server admins can look at these encrypted files while they reside on the server.
- ownCloud 4 also adds a to-do syncing plug-in, improved contacts and groups, improved file sharing, enhanced the photo gallery, improved system performance, easier installation of third party plug-ins and more. Complete details can be found http://owncloud.org/features.
...if it would only sync FBReader bookmarks and FireFox tabs/bookmarks á la read it later across devices...
If you're involved in this project, please fix one thing on your website: What on earth is this?
You need a simple statement of what the project actually achieves for me, not random promises of "versioning" or pictures of calendars. I've no idea why I need them.
Rob Walling's "Promise to verb your noun" is a great way to quickly get something up.
Edit: Just read about it on Wikipedia. Now I get it.
I read their webpage and thought the same thing. They should just add a <h1> tag to the website that reads "Bring Cloud Storage to your own Hardare" above their main graphic.
OwnCloud is using Mersenne Twister (not secure) seeded by time of day and PID (which is not nearly enough entropy) to generate keys. The encryption is done in ECB mode, which leaks data (https://en.wikipedia.org/wiki/Block_cipher_modes_of_operatio...). The encryption key is stored in the clear in session data, which usually resides in /tmp.
There's more, but those seem to be the worst parts.
Oh Gawd. I would have thought that someone who claims to be in the business of making a more secure alternative Dropbox would actually know something about how to encrypt things.
Also, what's the benefit of using a 7-year-old pure-PHP implementation of Blowfish when mcrypt gets the job done much better and faster? OwnCloud's install instructions actually require a bunch of PHP extensions. They could have just thrown mcrypt into that list.
had a good laugh when i saw this article. thx mithrandir :)
passwords stored in the clear in server-side sessions => server hack compromises data. storing keys server-side means admins can get into your data.
had a big lol at the use of blowfish ECB - use of any cipher's ECB mode for bulk encryption is asking for problems. they should be using CBC, CTR, LRW or, ideally, XTS modes.
Using server-side encryption at all means admins can get into your data, does it not? They can modify the source code so that when the server decrypts/encrypts the data at your request, it also saves a copy in cleartext. How would you avoid this without encrypting on the client side?
What makes something a "cloud" and not a "directory manager"?
Why is for example http://code.google.com/p/relay/ not a cloud solution? Is it only a marketing term or does functionality like being able to syncing from multiple devices make something a cloud?
Historically, the "cloud" was a symbol drawn on network maps to show the part of the network you don't care about. So you'd draw some servers over on one side, and a line going through a cloud to indicate a bunch of routers and stuff, and then the line would go to some clients on the other side. Your ISP is a "packet routing as a service" cloud provider. After a while people started asking, if we can put network routing in the cloud, why not other kinds of computing? So the idea started to take shape: instead of just asking the "cloud" to route your packets to servers that would send back computations or stored data, you can ask the cloud for the data directly. Again: the cloud is just the part of the computer/network that you don't have to care about to get your job done. Google docs: you don't have to care about the disks your data is on. Amazon: you don't have to care about the CPUs your programs run on. None of those are perfect implementations but they're close enough for marketing departments :) A better example is the Kademlia DHT: just throw a hash into the network and you get data back. Much cloudier! :)
Cloud is pretty much just a marketing term. Although it does imply a "seamless" experience such as syncing data so that environments are equal. I wouldn't say that syncing is the requisite but seamless is more so the goal.
I was psyched about contributing to this awesome project so I immediately checked out the core. Then i saw it's written in php........... never mind :(
Although I like the idea of syncing my files in one place and managing it myself, it would hard for me to commit to using a PHP application for such an critical task.
ownCloud began at a KDE community event in 2010, aiming to bring greater flexibility, access and security to data in the cloud. ownCloud enables universal access to files through the widely implemented WebDAV standard, providing a platform to easily view and sync contacts, calendars and bookmarks across devices while supporting sharing, viewing and editing via the web interface. Installation has minimal server requirements, doesn’t need special permissions and is quick. ownCloud is extendable via a simple, powerful API for applications.
With more than 450,000 users, ownCloud offers the ease-of-use of Dropbox with more flexibility and security. ownCloud users can run their own file sync and share services on their own hardware and storage, use popular public hosting and storage offerings, or both.
Other major improvements:
- Drag & Drop File Uploading – Enables end users to upload a file from a browser without installing a client. Simply open a browser, log in and then drag from the desktop into the ownCloud window.
- Shared Calendars and Calendar categories – End users can sync their own calendar, but also share their calendar with others, enabling them to see and schedule appointments while looking at the user’s schedule.
- File Encryption – new server side encryption increases file security while at rest – not even server admins can look at these encrypted files while they reside on the server.
- ownCloud 4 also adds a to-do syncing plug-in, improved contacts and groups, improved file sharing, enhanced the photo gallery, improved system performance, easier installation of third party plug-ins and more. Complete details can be found http://owncloud.org/features.
...if it would only sync FBReader bookmarks and FireFox tabs/bookmarks á la read it later across devices...