Hacker News new | ask | show | jobs
by todd_t 1989 days ago
I want to see the words "encrypted at rest", or something similar.
3 comments
java-man 1989 days ago
Standard Notes [0] are allegedly encrypted at rest.

[0] https://standardnotes.org/

link
0xCMP 1989 days ago
In Standard Notes' case they are AES encrypted before leaving the device using a note specific key encrypted using your master password (or at least that's how the underlying system Standard File used to work). Encrypted at rest could just mean the volume is encrypted but they can still read your notes (since they have the key).
link
java-man 1989 days ago
They say it's XChaCha20-Poly1305 [0], and "no one but you" can read your private notes [1] (I don't know what that means).

They also list some security audits, though not without problems.

[0] https://standardnotes.org/help/3/how-does-standard-notes-sec...

[1] https://standardnotes.org/help/1/who-can-read-my-private-not...

link
lojack 1989 days ago
Unless they're self hosting, this might even be a super easy thing to add. With AWS and many other cloud providers this is either the default or a simple checkbox.
link
stevehawk 1989 days ago
On the off chance that someone physically steals the server?
link
edoceo 1989 days ago
Or steals bits at rest remotely for later analysis
link