Ask HN: Do you know of any encrypted journal programs?

[archinal]

This year I'm going to try to keep a journal sporadically. It will at its basic form be text based content similar to a blog, but more personal.

I'd like to use a program that will at the very least encrypt, decrypt and collate my journal entries given some password. I'd like it to be self contained such that I can effectively hold everything I need on a USB key (I'd rather not depend on internet connectivity and "the cloud").

Bonus points for things that can search by tags, are OS agnostic and support multiple kinds of media (text files, images etc).

Does anyone know of any existing programs? Do you use any yourselves?

[Piskvorrr]

Truecrypt Portable gives you secure enough encryption (in other words, if the NSA is after you, encryption is futile without much more thorough preparations; for most uses, this is quite enough).

Notepad.exe gives you text editing. (Or anything else that could edit text, really - notepad is Everywhere and is so stupid simple that it has no obvious flaws; its 54 kB character limit is essentialy a non-issue in hand-typed journals)

So, what I do with sensitive data: (create a Truecrypt encrypted container file the first time) - when unlocked, that container will appear as a new disk when unlocked - create a file in that disk - work on that file - lock the container again, done. This has the added bonus that the container is a file you can take with you (sync to Dropbox, put on a USB disk, whatever) and the content is secure.

Usual caveats apply: choose a LONG passphrase and don't forget it (there's no "password recovery"!!!), don't unlock the container on untrusted computers (malware snooping in is the biggest worry here), don't copy the sensitive file(s) outside the container.

(A single program that does both of these things is unlikely to do both of them well - and encryption is really easy to botch in many non-obvious ways. Therefore, I use one program for encryption, another for text editing. It's slightly less convenient, but much more flexible: e.g. if I decide that I want to use DarkRoom for text editing, I don't need to make changes to the encryption part. I could even store non-text data: images, GPS traces, sound clips, mindmaps; all that without worrying how it would fit with a text editor)

[archinal]

That's really helpful, thank you! Is Truecrypt only for Windows machines though? A quick search hasn't turned up anything about Mac/Linux support, but I could be missing something.

[Piskvorrr]

It's cross-platform. Hm, apparently TC is now abandoned, but there are forks that have continued the work: http://veracrypt.codeplex.com/

[archinal]

Veracrypt seems to be perfect for me! Thanks for your help

[FroshKiller]

I don't think Notepad has had that limitation since, like, Windows 98 FYI.

[Piskvorrr]

I think it was there throughout XP, and fixed in Vista along with fixing the "bush hid the facts" Unicode detection bug.

And, well, XP is oficially EOLed, but still out there in the wild. Anyway, hand-typing ~30 full pages of text is not very likely in either case ;)

[FroshKiller]

In the interests of posterity, and not because I always need to be right about everything, I just remoted into an XP Professional Service Pack 3 desktop, entered 53.2 megabytes of text, then successfully saved, reopened, edited, saved again, and reopened the document again using Notepad.

[Piskvorrr]

:) Now that's what I call dedication! I stand corrected.

[brudgers]

Why encryption at the journal level instead of encrypting the storage media or via the file system?

I'd be less confident in an app that claims encryption than an operating system.

For what it's worth, I find writing on paper to outweigh more technology dependent approaches to journalling. And over time I've realized that writing stuff I'm worried about someone else reading is a sign that I'm just ruminating.

Good luck.

[archinal]

I'd like to be able to encrypt at the journal level so the encrypted "book" could have the potential to be synced to Dropbox or the like. I don't really need anti-NSA level encryption, more just a measure to (for example) stop guests from reading the content if I leave my machine on at home.

That's an interesting point about pen and paper!