from Hacker News

The recently lost file upload feature in the Nextcloud app for Android

by morsch on 5/14/25, 5:38 AM with 166 comments

  • by AmazingTurtle on 5/14/25, 11:06 AM

    We feel your pain at Nextcloud. Our team at Everfind (unified search across Drive, OneDrive, Dropbox, etc.) has spent the past year fighting for the *drive.readonly* scope simply so we can download files, run OCR, and index their full-text for users. Google keeps telling us to make do with *drive.file* + *drive.metadata.readonly*, which breaks continuous discovery and cripples search results for any new or updated document.

    Bottom line: Googles "least-privilege" rhetoric sounds noble, but in practice it gives Big Tech first-party apps privileged access while forcing independent vendors to ship half-working products - or get kicked out of the Play Store. The result is users lose features and choices, and small devs burn countless hours arguing with a copy-paste policy bot.

  • by moonshot5 on 5/14/25, 4:07 PM

    AOSP platform dev here. (Filesystem) Opinions my own, I don't speak for Google.

    Disclaimer: I don't use nextcloud, and have not looked at their app specifically, this is just a surface level observation from my relatively informed perspective.

    My take: SAF would work for this use case, as others have already mentioned.

    Google Drive does not have the permissions that next cloud claims Google is giving preferential treatment to, and is delivered via the Play store in the same way nextcloud's app is.

    As others have also observed, permissions such as MANAGE_EXTERNAL_STORAGE have been rampantly abused in the past, often in horrific ways.

  • by thombles on 5/14/25, 11:26 AM

    This is also why the official SyncThing Android app stopped being distributed. There is a fork but it's not available on the Play Store.

  • by jeroenhd on 5/14/25, 10:49 AM

    > SAF cannot be used, as it is for sharing/exposing our files to other apps

    SAF can be used. There are reasons why this wouldn't be a good fit for NextCloud (you can't share your entire internal storage, your download folder, or the root of an SD card, for instance), but I don't think NextCloud's statement makes sense.

  • by patcon on 5/14/25, 3:41 PM

    Monopoly behaviour.

    If they refuse to invest in the burden of due diligence required to allow others to operate exactly as they do, then they don't deserve to be managing the field.

    It's costly to supervise? Ok, then charge companies a token fee if it's a burden to monitor. Locking other players out is not the appropriate response

  • by squeedles on 5/15/25, 9:03 PM

    Google has reached out to Nextcloud and offered to restore the permission. Wonder if the decision was motivated by the technical arguments or if the antitrust trial and various mentions in the press were a persuading factor.

  • by inigoalonso on 5/14/25, 8:44 AM

    This is exactly why the EU's Digital Markets Act exists. And why it needs teeth. Google disabling Nextcloud's all-files access on Android, while quietly letting its own apps and big corporate players keep it, isn't about "security". It's about control. Nextcloud is a European, privacy-first alternative built on open standards and that can be fully aligned with GDPR requirements. Blocking its core functionality while favouring your own services is a textbook abuse of platform power. Android was supposed to be open, but moves like this show it (at least the Play Services verison) is just another walled garden. If the EU is serious about digital sovereignty and fair competition, this is the kind of behaviour that must be stopped. Otherwise, no European tech, no matter how compliant, open, or user-friendly, stands a chance.

  • by scottbez1 on 5/14/25, 4:29 PM

    Google has a history of creating first-party-only APIs to give their own Android apps an edge.

    In 2014 Google split their drive app into multiple separate Android apps for docs, sheets, etc. Obviously getting users to install and migrate to new apps would be a burden, so they designed a 1-click install modal that Drive could use instead of the typical redirect-to-Play-Store flow. Neat!

    Around that time the company I worked for (large competitor of Drive) was about to split out some core functionality into a standalone app and wanted to use a similar flow for similar reasons - Nope! Google locked that API behind an app signature verification (not even a permission) so only Google signed apps could use it. No possibility to request the permission or appeal - just a hard-coded monopoly.

    There ARE legitimate reasons that things like this can be risky and abuse needs to be mitigated, but there's a line that Google regularly crosses between abuse mitigation and anti-competitive behavior.

  • by igtztorrero on 5/14/25, 12:42 PM

    Google's former motto, "Don't be evil," was a key part of their corporate code of conduct, emphasizing ethical and transparent business practices. In 2015 the motto was removed, since then we are in their clutches. Now they are like Microsoft, that's the reason Nextcloud was created!

  • by leetnewb on 5/15/25, 8:15 AM

    From my reading, the new API seems like a move in the right direction. But either way, Google is asking Nextcloud to silently break backup/sync-ing until users grant permission, and my guess is that many users won't notice until they discover data loss - the damage to trust and brand would be substantial. And I don't think it is fair for Google to demand in this case when the consequences are almost entirely felt by the users.

  • by jsnell on 5/14/25, 8:41 AM

    Dupe (250 points, 170 comments): https://news.ycombinator.com/item?id=43970959

  • by aborsy on 5/14/25, 6:46 PM

    I rely on nextcloud AIO and need to sync my files.

    Google can prompt the user for permissions; it’s up to the user beyond that.

  • by dzikimarian on 5/14/25, 6:57 PM

    Honestly it's extremely annoying my device locks me out from my data - that would be third entry to my list:

    * Nextcloud cannot access all files, despite many other file managers can - at least Fdroid version works.

    * File manager cannot access /sdcard/android/data - inconvenient workaround via adb

    * App is allowed to decide if I can (manually) take screenshot/ocr the screen - usually it's banking app, that wants me to remember some long number - then I write it on closest piece of paper - awesome security. No workaround as far as I know.

    If I wanted such treatment I would buy ios :-|

  • by tuga2099 on 5/14/25, 9:46 PM

    Can Google drive app for any android upload all file types?

  • by BLenkomo on 5/14/25, 10:30 AM

    I would like to have both options: Full file access and controlled access. I guess not eveyrone wants nextcloud full file sync.

    But yes this is shitty regarding google.

  • by yard2010 on 5/14/25, 9:34 AM

    Goddammit Pichai. We had something mediocre, why enshitify it to the oblivion?

  • by gitroom on 5/14/25, 12:10 PM

    damn this hits hard, i always feel locked out when stuff gets taken away like that - you ever wonder if tech shifts like this actually give us more control or just pull it away?

  • by tacker2000 on 5/14/25, 12:50 PM

    Google abusing their power, as usual. I guess Google Drive doesnt have these restrictions, does it? It's time the Europeans move together against these blatant antitrust violations.

  • by jeppester on 5/14/25, 3:51 PM

    There should be a DMCA-like law that would allow to instantly prohibit actions like these until they have been properly scrutinized.