|
|
|
|
|
|
by ramraj07
2127 days ago
|
|
|
I'm not sure how foolproof the encryption is if I can know every word you have typed in each note. Sure I can't make sense of the full structure but I'll know exactly what you've written about, so I'm not sure that's any more effective. The way I see it, if you want your notes to be encrypted while also cloud synced and searchable, there are only two options I can think of: 1. Store your notes in an encrypted file (sqlite) on the cloud and sync the entire file locally every time you login (and push updates somehow). Roam does this but wirhout encryption and it sucks so bad (opening the site takes tens of seconds if not more) because of that. 2. The product promises to store everything encrypted; data is instantly written to an encrypted personal sqlite db on the cloud (you alone have the decryption key, it's not saved in the server). Much more seamless experience. Im _also_ trying to create my own notes app, because I'm convinced I can create an app that can support a thousand users for the same cloud cost as a single roam research subscription. Current immediate plan is not to encrypt the notes, but my eventual plan is to try 2. If there are any other workflows that don't degrade user experience that can still encrypt everything client side, I'm interested to know more! |
|
|
It's not really clear where does the encryption/decryption happen in this scenario (client/server).
Any way, in my app (https://github.com/zadam/trilium), I encrypt on the client (not the whole database, on a per-note basis), sync with the server already encrypted data when internet is available (fine granularity so small and fast sync) and search happens completely on the client (which has full offline database and decryption key).
As a self hosted app encryption protects against a bit different threats so encryption is done only on request for particular notes (since it implies annoying "enter password").