Hi there! A little background: I write down notes a lot to make up for my bad memory. I’ve been doing this for a few years, and it’s usually a few thousand words a day: some professional, some deeply personal. Because of this, I’m trying to be conscious about keeping these notes private. While I’ve made a few changes along the way to follow better privacy practices, I thought I’d post here and see what other ideas are out there.
Right now, I have a few thousand markdown files stored in iCloud with end to end encryption. It’s far from a perfect system: ideally I would get away from cloud storage, iCloud is closed source, and there’s no native linux client. While it’s more private, writing entirely on paper isn’t an option: typing is much faster, it’s easier to query, and I can do fun things with this data. I think my next shift is towards using syncthing to maintain copies of these notes across devices, as I often edit from various machines and want to maintain multiple backups.
Rather than asking directly for proposed solutions, I’ll ask: What should I be considering? Does the editor I use matter? Does this go down to operating system level? I think the answers to both of these are yes, but I don’t know what else I should be asking myself.
I know I’m not really answering your actual questions, but I’ll just throw TriliumNext Notes into the mix.
It’s open source, and it can be encrypted.
If you want sync you can selfhost a server too, if not it’s local only.
There’s an android app too, but I haven’t used it.
I gravitated towards icalendar as a storage format for VJOURNAL entries with Evolution as my primary entry interface.
My workflow evolved over the years, but the earliest goal was to get started writing. Evolution > Memos > New Memo List > “On This Computer”. Then write.
In between writing I git-tracked that file then backed up the repository. I played with setting up xandikos to automate those parts (and it worked pretty well) but I stuck with direct file management to keep the writing path clear.
I also use tasks.org on my phone for intake, but I don’t do any automatic synchronization. Typically the app serves as a dumping ground, and from time to time (ideally though rarely before it gets weedy) I’ll massage those bites into longer form journal entries and clear the inbox.
From there, consumption/review is a free for all. I once converted my VJOURNAL entries to nikola blog entries so I could see them marked up, but I’m part robot and reading the markdown has been fine. I use nikola for other blogging, but the ability to view journal entries in Evolution (or some theoretical other VJOURNAL editor that I haven’t been able to find) without having to do anything more than write was appealing. Web based means you could point nutch at it once grep/sed/ack/awk on local files stops scaling. It took a lot of writing to get there, good job!
Quillpad might be of interest.
It also syncs with nextcloud
Obsidian works with Syncthing just fine.
Obsidian is closed source - if I shift away from my current system I’d prefer something open source.
Out of curiosity, any ideas why so many people around FOSS/linux spaces recommend obsidian, despite it being closed source?
There is an open source alternative called Logseq
Joplin would also work
Obsidian is still recommended because it’s a good product, is actively developed, has a strong community, is cross platform, and has good data sovereignty with the markdown backend. It can be easily blocked from internet access (e.g., flatseal) and works fine without internet access. However, Logseq is a good alternative too.
Obsidian is closed source, the dev actively really listens to the user base, and it’s very feature rich, as in nothing really compares. Joplin is second, and then after that you’re looking at more basic apps.
They can all be private and encrypted in transit and at rest. It’s mostly about what features you want and then once you see what you can integrate you might want some quality of life features you didn’t even know you could want.
I think you’re spot on: Markdown files with SyncThing. That’s my setup as well, you just can’t beat markdown files as a back-end for flexibility and future-safety in my opinion.
Some things to consider:
- Editor: The obvious no-nos are editors with built-in AI support or cloud storage. FOSS editors are highly recommended. If you find a good offline FOSS WYSIWYG-style markdown editor, let us know. I use Neovim myself, but I’m often asked for recommendations by non-geeks.
- Operating system: You should be fine on macOS (for now), but Linux is a great option for desktop. Windows is a loose cannon with their AI snapshot approach, definitely avoid. What are you syncing to? Mobile devices are a lot more difficult to keep control of.
- Encrypted devices: Make sure you have full disk encryption on all devices and on all your backups.
There’s Zettlr and Typora for WYSIWYG md.
Well, here’s a copy&paste from the KSP JNSQ modpage. Had mostly the forum header and iframes to clean up, not much else. Made in Typora.
Original here.
I’d really love an open-source WYSIWYG for android, but I’m stuck with obsidian currently.
I would recommend Joplin, for these reasons:
- It’s digital (of course)
- It’s cross platform: iOS, Linux, Windows, macOS, and Android
- It’s fully open source
- It supports end-to-end encrypted syncing with different providers: Joplin Cloud, Dropbox, OneDrive, File system (for things like Syncthing), Nextcloud, WebDAV, S3 (Beta), and Joplin Server (Beta)
- It supports markdown editing
When looking for software in general, write down what you are looking for and what your requirements are. Then, consider if there are any conflicting requirements (e.g. “I want my handwritten notes to be transcribed, but I don’t want any kind of handwriting recognition”). From there, you can make tough decisions or find a compromise. Then, think about any problems that may arise in the future. Do you plan to switch operating systems to something like GrapheneOS? Do you want to move away from cloud storage altogether? From there, you can get a good idea of what to look for. Good luck!
Thanks a bunch for the suggestion, I will definitely check out Joplin’s E2EE syncing. I guess I should have been more specific; I’m looking more for a way to store and synchronize notes, rather than a tool to edit them. Given that my notes are nearly all text, most of the time I edit notes using vim or vscodium.
I also use Joplin and while it might not look as good as some of the others it is highly customisable. :)
> I edit notes using vim or vscodium.
You should probably try moving away from this practice. First, this leaves your notes vulnerable as they are not encrypted at rest. Second, those programs are not designed for private notes, meaning there is the potential for various leaks to happen that you may not even be able to catch (temporary system files, etc.). Using a dedicated notes editor (like Joplin) means you are using something designed to keep your notes confidential.
Disclaimer: In the case of Joplin specifically, the developers take issue with implementing encryption at rest. Their philosophy is “If your computer’s disk is encrypted, then all your notes are already encrypted at rest.” This is flawed thinking for many reasons that I won’t get into here.
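As an added example (not from any poster in this thread): a small Python scanner for the "temporary files" concern raised above, listing Vim swap, backup and undo files left beside notes in a synced folder. The directory layout and file names are constructed, and backup and undo files only appear when those Vim options are enabled.

```python
"""Added example: find editor residue files inside a synced notes folder."""
import os
import re
import tempfile

# Default Vim naming for files created beside the one being edited.
# Order matters: undo files also end in "~", so they are tested first.
RULES = [
    ("vim undo file", re.compile(r"^\..+\.un~$")),
    ("vim swap file", re.compile(r"^\..+\.sw[a-p]$")),
    ("backup file", re.compile(r"^.+~$")),
]

# Metadata directories that are not part of the notes themselves.
SKIP_DIRS = (".git", ".stfolder", ".stversions")


def classify(filename):
    """Return the residue kind for a bare filename, or None for a normal file."""
    for kind, pattern in RULES:
        if pattern.match(filename):
            return kind
    return None


def scan(root):
    """Walk root and return sorted (relative_path, kind) pairs for residue files."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        # Prune metadata directories in place so os.walk does not descend into them.
        dirnames[:] = [d for d in dirnames if d not in SKIP_DIRS]
        for name in filenames:
            kind = classify(name)
            if kind:
                rel = os.path.relpath(os.path.join(dirpath, name), root)
                findings.append((rel.replace(os.sep, "/"), kind))
    return sorted(findings)


def demo():
    """Build a constructed notes tree in a temp directory and scan it."""
    sample_files = (
        "journal/2024-01-01.md",
        "journal/.2024-01-01.md.swp",
        "journal/2024-01-01.md~",
        "journal/.2024-01-01.md.un~",
        "todo.md",
    )
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "journal"))
        for rel in sample_files:
            with open(os.path.join(root, rel), "w") as fh:
                fh.write("constructed sample text\n")
        return scan(root)


if __name__ == "__main__":
    for path, kind in demo():
        print(f"{kind:16} {path}")
```

Any file this reports inside a folder that is synced or backed up without encryption is a second plaintext copy of note content.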
If you don’t mind I am curious to hear your reasons. I personally agree with the developer, I think it’s a lot of work and doesn’t provide a meaningful win. If an attacker has access to the system, there are many other ways they can access your notes even if the notes are encrypted at rest. Based on the thread it sounds like what people actually want is isolation and access control, but I don’t think that responsibility should fall on the app developer, it should be handled by a broader system (like Veracrypt, or Flatpak).
> If you don’t mind I am curious to hear your reasons.
For the same reasons KeePassXC encrypt their databases and Signal got backlash for storing encryption keys in plaintext. Encryption doesn’t protect against everything, but it is a big deterrent against many attacks.
KeePassXC and Signal are regarded as security products. Joplin is not, and I doubt the developer wants it to be. If we push for every product developer to bake their own security systems, we will end up with half-baked products and half-baked security. If people want better isolation between apps, they should choose an OS that does so, or push for one if it doesn’t exist.
I also don’t agree with their reasoning behind not having at rest encryption. However @blackboxwarrior, I also recommend Joplin for your use case. There is also a vim keyboard mode in the options, but I don’t recommend it even though I also use vim.
To add on to note taking, Obsidian is an open source alternative that is designed for markdown. It also has an in-built vim mode
This is wrong. Obsidian is not open source. It’s a closed source app, that uses an open format (i.e. markdown).
I’ve seen this often and fallen for it myself, so much so that I think it could be considered an instance of the Mandela Effect xD
edit: see “Restrictions” in TOS https://obsidian.md/terms
I’ve been looking up a solution myself for years. I ended up encrypting my note folder with Gocryptfs and synchronizing the folder with Syncthing.
Requires quite the setup at first, but perfectly fits my needs (I also use the terminal extensively).
On android there is DroidFS to decrypt your synced folder and read the notes on mobile, but I couldn’t find a way to edit them.
Consider installing NextCloud on a private virtual Ubuntu/debian server. You can deploy it via docker or other various ways to make this easy.
This can essentially grant you full control over your data as long as you trust wherever you host the server. You can install other open source apps on top of it - like OnlyOffice which can give you live shared file editing like Google Drive or OneDrive.
Nextcloud has phone app access. NextCloud supports markdown. NextCloud is fully open source, and actively developed due to enterprise support contracts, kind of like Fedora. You could secure access over the internet through a VPN, https and every other hardening scheme.
If you don’t trust any infrastructure then host it on a laptop, so many reliable used devices can be picked up for cheap. Expand to other devices for redundancy as you become comfortable.
Feel free to create accounts for family and people you trust, freeing your community from monopoly.
Ask ChatGPT for the steps in between. This is my personal set up, feel free to ask me any questions ChatGPT can’t help with, though I may be slow to answer.
What journal app could you run via nextcloud?
Um… I think Joplin allows you to specify your own cloud service.
Thanks for the advice! I have been wanting to check out NextCloud for a while, I think this would be a cool project to explore it.
Standard Notes is end-to-end-encrypted, syncs to the StandardNotes server, and the local storage can also be encrypted. You set it to send a daily backup to your email (in encrypted format)
What’s your current note taking process? Like do you pull out your phone and type stuff into it or do dictation or what?
I went the other direction and have a composition book or two a year worth of notes. If I want to give one to someone I just tear out a page. If I want to send one in email or a message I just take a picture of it.
I keep a little pocket notebook in my pocket and a big composition book in my computer bag.
What got me to that point, and the reason I asked about your current note taking, is trying to find what you’re talking about and realizing that it’s a pain in the ass, I don’t really use it or want to use it, it’s too ungainly to draw or scribble in, I don’t like it and it’s never at hand when I need it.
A little pad of paper in my back pocket, a pen and a sharpie in some other pocket and taking a few minutes a day to copy (manually sync lol) what gets jotted down in the moment to the composition book is easier and more manageable for me than a complex system that requires a computer.
I was just in a major natural disaster last year and while there were lots of things I didn’t prepare for and couldn’t have imagined, paper notes kept me sane and worked phenomenally.
I do keep a physical journal on me, and I love it! It’s great for sketching, mapping out thoughts with others, and quick writing on the go, but it doesn’t fit this use case.
Given the volume of writing I do, I don’t think hand-writing is feasible. The last few years average out to about 2000 words a day, and most of it is done on computers where I can comfortably type for long periods, and much faster than I could write by hand.
In addition, I need something queryable. Beyond just a ctrl+f search across my notes, I embed all of my notes and store in a vector db so I can group by semantic similarity.
That makes a lot of sense.
TBH, I would go with a cloud service in your situation. You’re using icloud now and if you can avoid changing away from it you should. There’s a snap (ugh) that purports to do this natively, but even on a nearly 15 year old thinkpad I can spare the clock cycles and memory to bring osx up in a vm and do it normal style.
I say a service, and you said you’re interested in syncthing (which is very useful) but I’d stick with icloud or something more like it.
I was in a disaster we never thought would happen. My self hosted server was rendered inoperable by it. My offsite backup on the other side of the county was completely destroyed. If it weren’t for cloud backups I’d have lost data. Connectivity was sparse and if I had been privacy focused in the immediate hours I would have recognized then that it was entirely provided by spare bits of dubious infrastructure brought in by the government.
Cloud services like bitwarden and icloud saved my butt. They were prepared for this unimaginable situation to a degree I couldn’t have been. When I had a dead phone battery and no laptop, both were able to be accessed securely on other people’s computers and public terminals.
I wouldn’t worry too much about the privacy aspect. Once you have ADP on in iCloud you’re safe from lawful orders and interception is handled by transport encryption like tls, wireguard or whatever. Your pc is a concern but open source versus closed source isn’t the security panacea people make it out to be.
An open source package called winring0 (yes really, it says it in the name) that was abandoned by its developer 15 years or so ago for being a terrible security nightmare was found recently to be in lots of windows rgb drivers shipped by manufacturers today.
That is to say, you can’t really protect yourself from manufacturer and maintainer error or maliciousness. You choose to trust them and have to accept what you get until it’s too spicy and the whole system needs to be ripped out and replaced.
What I would do for privacy is audit my behavior and set up key (or password!) rotation. It’s easy to make sure your secrets are isolated from each other and regularly changed.
If you’re really concerned then make sure you have whole disk encryption (and understand how to recover data from the encrypted disk when the computer it’s attached to fails!). If that doesn’t feel like enough, store your db and any flat files encrypted as well.
In short, don’t change your working system. Change the way you interact with that system to meet your new needs.
> Given the volume of writing I do, I don’t think hand-writing is feasible.
I write everything longhand. Many people have been writing entire books longhand, and have been doing it for centuries. And a few of us still do ;)
> The last few years average out to about 2000 words a day, and most of it is done on computers where I can comfortably type for long periods, and much faster than I could write by hand.

Depends what you want to write, but speed may not be the key element. Obviously, with tight deadlines from your publisher it may be a valid point but (I’m 50+) along the years I realized I would save more time by writing slowly but then spend less time rewriting/editing (less, as editing is still an essential part).
All of that to say: sure, digital technology may be a great help but it is not a necessity (unlike what big tech want us to believe). Tolstoy did not use a computer, neither did Flaubert, Shakespeare and Dostoevsky, nor did Nietzsche or Plato (to name just a few authors that have written a lot). It’s mostly a question of habits, aka developing the hand, arm and shoulder muscles used to write, and of endurance: the more you will write by hand, the longer you will be able to write without feeling too much fatigue. And of organization—aka, how you take your notes and maybe how you organize them. When I draft a text or take notes on the go, something I do every single day of the year, I use my own shorthand which helps me save a lot of time. I also organize all my notes (research and personal alike) in an analog system that has been formalized many years ago: Zettelkasten. It works wonders and, in its way, it’s easily ‘searchable’.
One last suggestion: using the right writing tool may help a lot in reducing fatigue too. Have you tried using a decent fountain pen (with good quality paper)? But enough about handwriting :p
If you’re using iCloud, have you activated Apple’s optional Advanced Data Protection? It ensures that no one, supposedly not even Apple, can read your files on iCloud.
For anything digital (I draft longhand but I still need to type the final version), the moment I became privacy-conscious, my solution was to switch from Mac to a Linux PC, with full disk encryption. With this Linux PC there is no tracking and no telemetry (I was horrified to realize the volume of data that was sent back to Apple by my Mac, it’s easy to test it: install LittleSnitch and tell it to not let Apple’s services connect to the web. Sure most of it is probably fine. But probably was not enough for me) and I can use VSCodium (a Microsoft-free version of VSCode) for Markdown and LibreOffice Writer for word processing. For cloud storage, I would suggest Filen.io, a small German company that offers zero knowledge end-to-end encryption.
I think many dedicated journaling apps (like DayOne on iOS/Mac) do offer password-protection but I have no idea how reliable it is. I would rather trust some Free/Libre software and the community to tell me what is safe.
BTW, feel free to come say hi to our small !journaling@sh.itjust.works community (I’m the admin). As an analog user myself, I would love to have more digital users participating. Well, to be perfectly honest I would love to have more people participating, digital or not ;)
Thanks a bunch for the detailed response! That community looks lovely, I joined and will hopefully be active in it in the future.
As far as physically writing, maybe big tech has already gotten to me but the idea of writing digital notes is much preferable. I’m sure I could definitely get more comfortable writing by hand and organizing in a zettelkasten, but for the moment I really enjoy markdown. Takes up less space, I can make backups, and I can do fun analysis with my notes. The other day I made a github commit-inspired graph of my writing frequency over time, and I don’t see a way I can easily do that with physical notes.
I use whichever editor is convenient at the moment and which I like the UX of (Micro on a terminal, Pulsar on desktop, Markor on mobile), and commit the markdown files to a privately hosted git server (Forgejo). The git server is backed up regularly.
The editor doesn’t matter too much as long as it doesn’t have spyware and/or AI “features” like vscode.
When I’m on the go and need to read or write notes I have a clone of the repo on my phone, and if I absolutely need to pull/push to origin I connect via VPN.
I’m not sure how syncthing or similar work with merging different versions of files from different devices, so I’ve just stuck with git for that reason as well as version control (I make notes about homelab configs and issues so being able to go back is handy).
It’s hard to understand what you want. Why multiple devices? Why remote storage? Why not just use your laptop with local storage and encrypted backups? If you must have remote storage, why not self-host it on a cheap VPS? Just who are you trying to protect your data from? It’s a lot different if you think Trump is after you or something like that: you have to check your bed for microphones, rather than just worrying about your computer software.
So far I’m satisfied with just using my laptop for personal files, but if I were more paranoid I’d set up a separate laptop with no internet and take some additional precautions besides that. Anyway, the more machines you use, the more potential security holes you have to deal with.
Multiple backups is just a matter of running a script that backs up to more than one place, right? I use Borg for backup, and pointing it to multiple targets is pretty easy.
I find it convenient to be able to write notes on whatever machine I have with me at the time - desktop, laptop(s), or phone. If I only had one device I used, it would be easier to keep a backup on local storage. With multiple devices I prefer to have up-to-date notes on each device, and so I’ve leaned more towards remote storage and peer-to-peer file synchronization. This does add some security holes, but it’s acceptable within my threat model. Frankly, I’ve never used local storage across multiple devices because I don’t know how to do that, or if it can be done with Borg, but I will check it out!
Borg is a backup program not a synchronizer. Backing up to multiple targets just means running a normal backup to target 1, then another to target 2, etc. Maybe what you really want is git. There are also some self-hosted multi-access notepad programs, sort of like how google docs work. Anyway if your problem requires a server or synchronization, look into self-hosting rather than some cloud thing.