[stephenr]

From the page you linked it’s clear to me:

> To allow sharing data across devices, we offer a service that enables syncing. View all available plans

> This service only tracks recent transaction history and never has full access to your data. Additionally, in the future it will be stored encrypted in a way that we can't even read it.

It’s clearly talking about the recent transactions stored on their servers.

[jlongster]

Yes, you are right. First of all, we're not talking about things like banking passwords or even account numbers, only transactions that you've been charged. But most importantly: this is completely opt-in. If you don't trust me yet, you shouldn't use syncing until I encrypt everything end-to-end.

If you only use a single local app, all of your data is entirely local to your device.

All other apps that host your data in the cloud have access to it, whether it's encrypted internally or not. What encryption buys you is the case if a hacker happens to get some of your data, they might not be able to decrypt it. But considering that the backend of the app itself must be able to read the data, the backend must be able to decrypt it, so a hacker could probably end up decrypting the data anyway.

End-to-end encryption in Actual will be better than all other cloud apps: I, even as someone with full access to the server, will not be able to read your messages. Only your device can.

It sounds like what you're really worried about is storing banking passwords unencrypted. We don't do anything like that at all.

[jlongster]

Just a quick follow-up: I'm already working on migrating the data to DynamoDB which will automatically encrypt the data (https://docs.aws.amazon.com/amazondynamodb/latest/developerg...). This will go live soon. But the website will stay the same: I won't say I offer encryption until I have true end-to-end encryption.

[stephenr]

> All other apps that host your data in the cloud have access to it, whether it's encrypted internally or not.

> End-to-end encryption in Actual will be better than all other cloud apps: I, even as someone with full access to the server, will not be able to read your messages. Only your device can.

Claiming to be better than every single other similar thing is probably as big a red flag as the lack of encryption.

[jlongster]

This is a basic architectural difference. I'm comparing apps that store your data locally to apps that store your data in the cloud. It's a well-understood difference that the former (with end-to-end encrypted syncing) absolutely provides better privacy than apps that store data in the cloud that the company can read.