More Open Source Security episodes

Digital Sovereignty and Nextcloud with Frank Karlitschek thumbnail

Digital Sovereignty and Nextcloud with Frank Karlitschek

Published 9 Feb 2026

Duration: 32:26

The Nextcloud podcast explores its evolution as an open-source collaboration platform that promotes digital sovereignty, offering users self-hosted data and software, avoiding vendor lock-in and empowering data portability and transparency.

Episode Description

Josh talk to the founder and CEO of Nextcloud, Frank Karlitschek about digital sovereignty. There's a lot of attention lately around digital sovereign...

Overview

The podcast explores the evolution of Nextcloud, which began as a hobby project called ownCloud and was revitalized a decade ago to become an open source collaboration platform. It emphasizes Nextcloud's mission to provide users with control over their data through self-hosting capabilities, enabling digital sovereignty. The platform offers a range of tools for file synchronization, email, calendar, chat, and office work, all designed to be open and free from vendor lock-in, ensuring data portability and transparency.

The discussion also addresses the growing importance of data sovereignty in the face of differing privacy regulations across regions, such as European laws and U.S. legal frameworks. Nextcloud is highlighted for its scalable architecture and ease of setup, including options like Docker, making it accessible for both individuals and organizations. The platform is driven by a community-focused development model, prioritizing ethical practices and user freedom. Looking ahead, the project aims to enhance performance, security, and overall user experience to better serve its growing user base.

Recent Episodes of Open Source Security

22 Jun 2026 Packagist and Composer security with Jordi Boggiano

Strategies for securing open-source ecosystems include malware detection via third-party feeds, transparency logs, rapid incident response, blocking malicious downloads, private registry controls, immutable package releases, standardized workflows, MFA enforcement, and technical proposals like artifact validation and build attestation, while addressing challenges like maintainer hacking, AI risks, usability trade-offs, and the need for ecosystem-wide alignment and human verification.

15 Jun 2026 Sustaining Open VSX with Mike and Thabang

Eclipse Foundation's OpenVSX, a VS Code extension repository, surged to 600M monthly downloads, evolved to a commercial model with enterprise SLAs and security teams, while addressing scalability, open-source balance, and funding challenges for AI expansion.

8 Jun 2026 Hacking your CI/CD with Francois Proulx

Critical vulnerabilities in open source CI/CD pipelines, including hijacking and supply chain attacks via social engineering or compromised builds, are highlighted through incidents like TJ Actions and Ultralytics, with mitigation strategies emphasizing secure credentials, externalized workflows, threat modeling, and tools like *Smoked Meat* and *Bagel* to enhance incident response and supply chain security.

1 Jun 2026 Open source verification with Sal Kimmich

Cybersecurity challenges include complex application ecosystems, overlooked kernel vulnerabilities, supply chain risks, and systemic risks from under-resourced organizations prioritizing surface-level controls, alongside calls for regulatory reforms, proactive threat modeling, secure development practices, and addressing tribal nations' unique legal and sovereignty concerns.

25 May 2026 Vulnerability disclosure with Casey Ellis

The evolution of vulnerability disclosure highlights challenges in prioritizing critical issues, outdated legal frameworks, and the role of initiatives like Disclosed.io in standardizing policies, alongside AI's impact on detection, open-source risks, triage complexities, and the need for collaboration and transparency to address systemic security barriers.

More Open Source Security episodes