Hacker News new | ask | show | jobs
by unethical_ban 3839 days ago
So an open source product with active and transparent security patching with a bug bounty isn't good enough?

Yet you want to offer two closed-source alternatives. I am not defending Owncloud's record, I'm attacking your logic. A low-effort all-in-one groupware and private doc cloud (Google Apps replacement) is an awesome thing - if Owncloud could make deploying an email server as simple as the rest of its toolset, they will have hit the home run.

And sandstorm.io - still waiting on internal user stores.
2 comments
middleclick 3839 days ago
> internal user stores

Can you please elaborate why this is a blocker for you since they offer email-based login?

link
unethical_ban 3839 days ago
The entire premise of self-hosting is SELF hosting. Internal network, no operational, day-to-day necessity for Internet connectivity post-install.

If I install such a product, it's because I want total control over my data and the terms by which I access it. Being forced to use Google/Github/email as auth goes against that.

link
eeZi 3839 days ago
His point is that a properly built proprietary product is better than a hacked together open source project.

Active and transparent patching does not improve the code quality.

link
melted 3839 days ago
How do you know a proprietary product is "properly built"?
link
jospoortvliet 3839 days ago
Especially considering, unlike those proprietary products, our open source product and the engineers we pay to work on it are under constant and public scrutiny thanks to availability of the source.

Honestly, I think you should not even consider trusting a proprietary product with your most important private data. There's no guarantee it isn't full of back doors and you can't audit the code or pay somebody to do it - some companies would even sue you if you try (see the Oracle debacle some weeks ago).

link
eeZi 3839 days ago
I don't agree with him, I just understand his point. Actually, I wouldn't really trust either product at this point - there have been too many vulnerabilities in OwnCloud for my taste, but buying a proprietary application is not an alternative either for my personal use.
link
jospoortvliet 3838 days ago
https://www.youtube.com/watch?v=iUMsPppwIH4&index=5&list=PLt... might bring some confidence. We hear from other security experts that we're considered an example in how we handle security.
link