Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

An error occurred while submitting your form. Please try again or file a bug report. Close

  1. Blog
  2. Article

Canonical
on 23 March 2017

Out of date software leaves you vulnerable

Cloud security iot security nextcloud

Two weeks ago, Der Spiegel wrote an article highlighting that out of date software on private clouds was leaving government and political party information vulnerable to being hacked. Given that political organisations being targeted is currently such a hot topic, it is somewhat of a surprise how widespread this issue appears to be. After discovering the size and scope of the problem through their own investigations, Nextcloud decided to take a proactive approach and help organisations’ awareness and address potential vulnerabilities.

The large number of insecure servers came to light as a result of a tool that Nextcloud was developing. Given their findings, Nextcloud took the somewhat unusual industry step to proactively work with Computer Emergency Response Teams in various countries to notify affected people of the risks, in an effort to help keep their data as secure as possible.

The Der Spiegel article and Nextcloud’s response which chose transparency over secrecy and following security best practices are a must read for everyone in the industry and a timely reminder to us all of the importance of updating our software on a regular basis.

As mentioned in NextCloud’s blog response, they have now released the Nextcloud Private Cloud Security Scanner as a quick and simple tool to enable users to regularly check their servers and ensure always up to date software. However the ideal scenario is for software updates to happen automatically and reduce the risk of a security threat as a result, especially so for smaller organisations and consumers, which often lack the technical know-how to maintain their system up to date . This is a feature that’s built into snaps, the universal Linux application packaging format, which is why Nextcloud uses snaps to distribute their software as part of their Nextcloud Box offering. Users of the box will get automated updates of their Nextcloud software whenever a new release is made available in the store. As a matter of fact the NextCloud Box is built on Ubuntu core, the version of Ubuntu entirely built out of snaps. This means that the entire software on the box is seamlessly updated without administrator involvement, and it literally takes no effort to keep your storage secure.

Related posts

Nathan Hart
29 March 2022

The Evolution of the Smart Home: Future Predictions [Part 3]

Internet of Things Article

In blogs one and two of this series, we covered how far we’ve come from the earliest smart homes, including older technologies and standards, and smart-home ideas that covered the gamut from innovative to total head-scratchers. We also covered the smart home landscape today, and what developments are on the immediate horizon. Here, we’ll ...

Guest
14 February 2017

The Nextcloud Box at MWC

Internet of Things Article

This is a guest post by Frank Karlitschek, Founder of the Nextcloud box. If you would like to contribute a guest post, please contact [email protected] At the Mobile World Congress this February, Nextcloud will showcase a device built to to allow users to bring their their data back under their control in a very literal ...

Amrisha Prashar
9 December 2016

IoT Builders webinar series – 2016 recap!

Internet of Things Article

With it nearing the end of the year we thought we’d take this opportunity to recap on all the ‘IoT builders’ webinar series we’ve hosted in 2016. The series looks at those making a difference in the world of IoT today, sharing their stories, insights and practical advice! Check out the list below: Introduction to ...