Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the ninja-forms domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the simple-custom-post-order domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-mail-logging domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the health-check domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the updraftplus domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the rocket domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/wp-includes/functions.php on line 6114
Nextcloud is part of the Play Security Reward - Nextcloud

Nextcloud is part of the Play Security Reward

To improve the security of Android apps, the Google Play Security Reward Program offers up to $ 20,000 security bug bounties for popular Android apps including TikTok, Paypal, Tesla, Spotify, Facebook, Snapchat and Nextcloud Talk and Files.

Improving security

Nextcloud offers a security bug bounty program, recognizing the contributions of security researchers to the safety and privacy of Nextcloud users. For our Android Files and Talk apps, we now also participate in the GPSRP (Google Play Security Reward Program), which provides additional and specific awards for finding security issues in our Files and Talk Android apps. According to Google:

The goal of the program is to identify and mitigate vulnerabilities in apps on Google Play, and keep Android users, developers, and the Google Play ecosystem safe.

Security researchers who responsibly disclose the applicable issues they find to Nextcloud will be able to apply for an additional reward of up to $20,000 from the GPSRP program. The process is that they first go through Nextcloud’s existing bug bounty program before they reach out to Google. The two main categories of issues covered by GPSRP are arbitrary code execution (ACE) and theft of sensitive data.

For Google, the benefits are two-fold. First, with more secure apps on their platform, the risk of bad news due to data leaks is reduced. And, where the issues are caused by problems in Google’s API’s and platform capabilities, Google will get insights and a chance to improve those which will benefit the security of all apps in the store.

Nextcloud users of course benefit from improved security, even when they do not get their apps from the Google Play store but through F-Droid.

You can find details and information on participation on the bughunters page of Google.

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.