“Open source is the only option for file storage that is really safe and secure,” says ownCloud Founder Frank Karlitschek.
Frank Karlitschek is founder of ownCloud and maintainer of the project’s general architecture.
There I was, 4 years ago (this past January) at CampKDE in San Diego, giving a talk on data privacy, warning the audience about the risks to their privacy from cloud vendors – in particular, Dropbox. So, build it yourself they said. Sure, I’ve built things in the past, so sure, I’ll do it. And there is where I started my odyssey, first, to protect myself, my friends and my colleagues from the snooping of governments, and other bad guys, and later – as I saw the worldwide interest grow – to build a real and successful project.
I had to decide a few things before I got started of course, including what it is I wanted ownCloud to do, what development platform to use, how I wanted to structure ownCloud, and of course, to name it ownCloud.
My friends and I needed a way we could sync our pictures, documents and even videos to our various devices (instead of using a thumb drive), and even to share those files with friends and family. Dropbox was by then becoming very popular, but I just didn’t want to send my data through a third-party service to be stored who-knows-where. I wanted to create a platform where friends could use the storage they already had – instead of the cloud – and not just for syncing and sharing, but a platform flexible enough to build apps beyond that.
Of course ownCloud would be open source.
Open source is my background, but it was for more than this. Using open source I would create code that would be completely transparent (so unlikely to contain “back doors” to my data). And I could draw upon so many like-minded people to help me build ownCloud, so I wasn’t alone. And I could reuse the technology from other projects, like SabreDAV, which is the WebDAV framework we use for the server WebDAV communication (CalDAV, CardDAV and WebDAV are all used by ownCloud), and we also used jQuery. Then we used csync for the desktop client bi-directional sync capabilities, and Qt for the cross-platform desktop user interface. I didn’t have to reinvent the wheel over and over again; instead, I could just plug and play.
But as I said before, I knew I wanted ownCloud to be more than just an “app.” Sure, storing data in a safe and secure way is important. But at the end of the day people want to do something with their data, so I wanted to provide more functionality through ownCloud Apps. Apps are extensions that can implement features like virus scanning, logging of file access and changes, reading and writing files in other storage, file versioning and encryption, file editing and much more. This kind of integration of file storage with other services is essential in the future.
I wanted my project to be flexible, so that people could build ON to ownCloud (and many have, with a “Google News” type app, a video streamer, a music player, a calendar app – and more) and so that ownCloud could integrate into many different environments. For example, any WebDAV client could access ownCloud from the beginning, and the concept of internal apps was there from the start.
Of course, we are more advanced now – there are APIs for Sharing and Provisioning, there are internal APIs for apps using OCS, there are mobile libraries (which we open sourced) to integrate into other mobile apps, a key value store for general purpose data storage and syncing and more. Further, there are backend integrations into external storage like FTP, S3, SWIFT, CIFS, iRODS and a lot more. But even back then when we started, the intent was clear – build something flexible enough so people could create solutions we haven’t even thought of yet.
And THIS is the power of open source.
We (my ever-expanding community and I) evaluated different options to find the right technology that runs on every relevant platform, scales from tiny servers to big clusters, has all the needed features and is known by a large number of developers. So we chose PHP and JS for the server part, C++ for the Desktop Syncing Clients, Objective-C for iOS and Java for Android.
There were several architectural goals from the start: cross-platform, easy to extend, and able to leverage existing high-availability infrastructure built from off-the-shelf components in wide use.
So, we chose PHP for the most common, proven LAMP stack available that provides all that.
Also, this is an open source project and PHP is freely available, easy to find, works cross-platform (Windows and Linux variants, IIS, Apache and more Linux server variants). There is a massive existing developer base as well, with lots of highly experienced developers. Finally, it is a language that is easily accessible for the community. With all that, it was a no-brainer.
Because this project started by me talking about security and privacy, it was also essential to have the best possible security for all APIs. I chose strong SSL encryption for all WebDAV and REST APIs. Authentication is done via basic auth, which is very simple and easy to manage. We also can use SAML, provided through the Shibboleth implementation of the standard. In addition, OAuth and 2-factor authentication are available, and we even take advantage of ownCloud’s flexibility to integrate with custom back ends, using tokens instead of standard passwords.
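The pairing of basic auth with SSL described above matters because a Basic credential is only base64-encoded, so the transport has to carry the confidentiality. The sketch below is an added example, not ownCloud code: a client-side guard for a WebDAV `PROPFIND` that refuses to attach credentials without TLS or to forward them to another origin. The host, path and function names are assumptions made for illustration.

```python
import base64
from urllib.parse import urlsplit

# Constructed sample value: placeholder host and path, not a real ownCloud endpoint.
SAMPLE_URL = "https://files.example.org/dav/photos/"

def basic_auth_header(user: str, secret: str) -> str:
    """Build an RFC 7617 Basic credential. This is encoding, not encryption."""
    if ":" in user:
        raise ValueError("user-id must not contain ':' (RFC 7617)")
    raw = f"{user}:{secret}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")

def decode_basic(header: str) -> tuple[str, str]:
    """Recover user and secret, as anyone on the path can if TLS is absent."""
    scheme, _, blob = header.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic credential")
    user, _, secret = base64.b64decode(blob).decode("utf-8").partition(":")
    return user, secret

def origin(url: str) -> tuple[str, str, int]:
    """Normalise a URL to (scheme, host, port) for same-origin comparison."""
    parts = urlsplit(url)
    port = parts.port or {"https": 443, "http": 80}.get(parts.scheme, -1)
    return parts.scheme, (parts.hostname or "").lower(), port

def propfind_headers(url: str, user: str, secret: str) -> dict[str, str]:
    """Headers for a WebDAV PROPFIND; credentials are attached only over TLS."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise ValueError("refusing to send Basic credentials without TLS")
    if parts.username or parts.password:
        raise ValueError("credentials embedded in the URL leak into logs")
    return {
        "Authorization": basic_auth_header(user, secret),
        "Depth": "1",  # list the collection and its direct children only
        "Content-Type": "application/xml; charset=utf-8",
    }

def may_forward_credentials(original: str, redirect: str) -> bool:
    """Resend the Authorization header only to the same HTTPS origin."""
    o, r = origin(original), origin(redirect)
    return o == r and r[0] == "https"
```

Using a per-device token as `secret`, as the paragraph mentions for custom back ends, limits what a leaked header exposes compared with the account password.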
I believe that file storage is not just another web service or IT infrastructure. This is where people and companies store and manage their most important data. Because of that it is essential to have it as secure and safe as possible. With proprietary software you can never be sure if there are any back doors or other security problems with the software. Open source is the only option for file storage that is really safe and secure.
So this is what I did, and why. It has been a labor of love that has gotten a great deal of attention too!