Hacker News
by pclark 5811 days ago
This is really cool. I'm curious if you can read the entries?
3 comments

Thanks for the kind words! We're currently working on encrypting the entries - this is an MVP and we initially wanted to see if people like the idea.
It does say on the home page that "Only you can see your entries." If they are not currently encrypted, that would seem to be untrue.
Even if they do encrypt it, they will have to be able to decrypt them server side to send you your month old posts. That means the owners are technically capable of also reading all of your posts.
That's not entirely true. If this were purely a web-accessible blog, there's no reason you couldn't encrypt/decrypt this in the client (sending and storing encrypted text). You'd have to throw out email posting in that case though.
I think you're on to something. I look forward to the day when we are as shocked by unencrypted private data accessible on the server as we are by un-hashed passwords.
There are a number of online password stores where all the information is only decrypted on the client. Nothing new, just not widespread. Can't remember the name.
That's a very difficult feature to implement, since the encryption has to be two-way. It's much easier to achieve this with passwords, because all the system needs to do is validate supplied passwords (as opposed to reproducing the passwords themselves).
You could use a passphrase in the head of your email.

"Open sesame" or something equally corny.

However, you'd need an inversion of what is proposed here. Instead of emailing you an entry from the past then asking for your entry for today, it would need to ask for today's entry (plus passphrase), then reply back with an entry from the past instead.

I don't think the latter version is as compelling as the former, but encryption is sort of a must-have.

Unless they're encrypting it, they must be able to.
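
The client-side approach raised in the thread (encrypt and decrypt in the client, send and store only ciphertext), as an added example that is not part of the original discussion or the product's code. It uses Node's built-in `crypto` module; the function names, the scrypt key derivation and the AES-256-GCM choice are assumptions made for the example.

```javascript
// Added example: the key is derived from a passphrase on the client,
// so the server only ever holds salt, IV, auth tag and ciphertext.
const nodeCrypto = require('node:crypto');

// Derive a 256-bit key from the passphrase (scrypt, Node default cost parameters).
function deriveKey(passphrase, salt) {
  return nodeCrypto.scryptSync(passphrase, salt, 32);
}

// Runs on the client. The returned record is all the server receives.
function encryptEntry(passphrase, plaintext) {
  const salt = nodeCrypto.randomBytes(16); // fresh per entry
  const iv = nodeCrypto.randomBytes(12);   // 96-bit nonce for GCM
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', deriveKey(passphrase, salt), iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return {
    salt: salt.toString('base64'),
    iv: iv.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
    ct: ct.toString('base64'),
  };
}

// Runs on the client. Returns null for a wrong passphrase or a modified record.
function decryptEntry(passphrase, record) {
  const b = (s) => Buffer.from(s, 'base64');
  try {
    const key = deriveKey(passphrase, b(record.salt));
    const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, b(record.iv));
    decipher.setAuthTag(b(record.tag));
    return Buffer.concat([decipher.update(b(record.ct)), decipher.final()]).toString('utf8');
  } catch (err) {
    return null; // GCM authentication failed
  }
}

// Constructed sample: what the server would hold versus what the client recovers.
const sample = encryptEntry('open sesame', 'Constructed sample entry.');
console.log('server stores:', JSON.stringify(sample));
console.log('client reads :', decryptEntry('open sesame', sample));
```

As the thread notes, this only works when entries are written and read in a client that holds the passphrase; a server that must email old entries back in plaintext cannot use it as is.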