NexBox comes with transport encryption by default. The files itself, though, are not encrypted.
Nextcloud’s built-in server-side encryption seems to only encrypt the files itself, not the meta data (e.g., folder names/structure etc), is this correct? Also, on the kickstarter page, it is stated that enabling this could impact performance; is this only meant as in it takes longer to access your files since there is additional en-/decrypting involved, or are there other performance caveates?
If one would opt for using the DynDNS method to access the NextBox via internet, full E2E encryption is available. Is this any different than Nextcloud’s built-in server-side encryption?
In any case, I was wondering where the key to decrypt the data is stored; is it stored alongside the encrypted data on the server (which would kind of defeat the purpose, I think)? Does every client get its own key pair?
Also, can one use client software or the web interface to access (and decrypt) one’s data, or do any of these options not work anymore if using any kind of encryption?
After writing up this post I think these questions are probably not so much about the NexBox than about Nexcloud, but maybe someone does know some answers or has some pointers for me!