Nextcloud scanning people's owncloud and nextcloud instances for security

I apologise in advance for posting a topic about Nextcloud on the Seafile forums. However, the issue transcends Nextcloud, and I would like to open up a discussion to see how the Seafile devs think about this.

I’m running a personal Seafile community edition server. Now, I understand the implications of running an insecure and out of date server very well, and I do my best to make it as secure as possible. I also understand that Nextcloud might consider it a ‘service’ to scan for servers on the internet, and let people (ehm I mean their ISPs) know when their services are insecure.

The fact that Nextcloud informs the ISP behind people’s backs however is a gross injustice which counteracts the very reason of running a decentralised service (or, rather, a centralised but personal service). Of course my personal server is accessible to the internet, and in doing so I am compelled to make choices to secure it (as much as I can). Putting that choice into the hands of someone who has the power and ability to punish me for my choices, is aggravating and nasty imho.

Sorry for my little rant, it’s just a bit upsetting to see a great competitor (which is honestly not so great) to Seafile take this path, and I would appreciate input from the community and Seafile devs to see how they think about this issue.


In Seafile, we don’t have a plan to add such feature to scan user’s Seafile instance.