Hi there! A little background: I write down notes a lot to make up for my bad memory. I’ve been doing this for a few years, and it’s usually a few thousand words a day: some professional, some deeply personal. Because of this, I’m trying to be conscious about keeping these notes private. While I’ve made a few changes along the way to follow better privacy practices, I thought I’d post here and see what other ideas are out there.
Right now, I have a few thousand markdown files stored in iCloud with end to end encryption. It’s far from a perfect system: ideally I would get away from cloud storage, iCloud is closed source, and there’s no native linux client. While it’s more private, writing entirely on paper isn’t an option: typing is much faster, it’s easier to query, and I can do fun things with this data. I think my next shift is towards using syncthing to maintain copies of these notes across devices, as I often edit from various machines and want to maintain multiple backups.
Rather than asking directly for proposed solutions, I’ll ask: What should I be considering? Does the editor I use matter? Does this go down to operating system level? I think the answers are both of these are yes, but I don’t know what else I should be asking myself.
Thanks a bunch for the suggestion, I will definitely check out Joplin’s E2EE syncing. I guess I should have been more specific; I’m looking more for a way to store and synchronize notes, rather than a tool to edit them. Given that my notes are all nearly all text, most of the time I edit notes using vim or vscodium.
I also use Joplin and while it might not look as good as some of the others it is highly customisable. :)
You should probably try moving away from this practice. First, this leaves your notes vulnerable as they are not encrypted at rest. Second, those programs are not designed for private notes, meaning there is the potential for various leaks to happen that you may not even be able to catch (temporary system files, etc.). Using a dedicated notes editor (like Joplin) means you are using something designed to keep your notes confidential.
Disclaimer: In the case of Joplin specifically, the developers take issue with implementing encryption at rest. Their philosophy is “If your computer’s disk is encrypted, then all your notes are already encrypted at rest.” This is flawed thinking for many reasons that I won’t get into here.
If you don’t mind I am curious to hear your reasons. I personally agree with the developer, I think it’s a lot of work and doesn’t provide a meaningful win. If an attacker has access to the system, there are many other ways they can access your notes even if the notes are encrypted at rest. Based on the thread it sounds like what people actually want is isolation and access control, but I don’t think that responsibility should fall on the app developer, it should be handled by a broader system (like Veracrypt, or Flatpak).
For the same reasons KeePassXC encrypt their databases and Signal got backlash for storing encryption keys in plaintext. Encryption doesn’t protect against everything, but it is a big deterrent against many attacks.
KeePassXC and Signal are regarded as security products. Joplin is not, and I doubt the developer wants it to be. If we push for every product developer to bake their own security systems, we will end up with half-baked products and half-baked security. If people want better isolation between apps, they should choose an OS that does so, or push for one if it doesn’t exist.
I also don’t agree with their reasoning behind not having at rest encryption. However @blackboxwarrior, I also recommend Joplin for your use case. There is also a vim keyboard mode in the options, but I don’t recommend it even though I also use vim.
To add on to note taking, Obsidian is an open source alternative that is designed for markdown. It also has an in-built vim mode
This is wrong. Obsidian is not open source. It’s a closed source app, that uses an open format (i.e. markdown).
I’ve seen this often and fallen for it myself, so much so that I think it could be considered an instance of the Mandela Effect xD
edit: see “Restrictions” in TOS https://obsidian.md/terms
I’ve been looking up a solution myself for years. I ended up with encrypting my note folder with Gocryptfs and synchronize the folder with Syncthing.
Requires quite the setup at first, but perfectly fits my needs (I also use extensively the terminal).
On android there is DroidFS to decrypt your synched folder and read the notes in mobile, but I couldn’t find a way to edit them.