[orthecreedence]

I found Anytype a few months ago and thought "wow maybe I can ditch Turtl (I am the creator) and just use this."

A few things bugged me about it:

- It's a source-available license.

- You can't share with others (yet) even though they promote this as a feature.

- They call it e2e encrypted, but all your data lives unencrypted on-disk. In other words, it's encrypted in transit but not at rest. Anyone/anything that can read my hard drive can read all my private data. For me, that's too big of an attack vector.

That said, I think the interface and utility of the tool are amazing. It's kind of like if you mixed Notion with some kind of personal database. I really enjoyed using it and the sync between my devices worked great...not sure about the p2p aspect since they seem to have centralized syncing servers and whatnot, but I'm assuming there's the option to go p2p if you really want to.

Knowing all this, I'm rebuilding Turtl as a p2p system, Notion-like editing, and the same open source license as before =]. Anytype definitely inspired me. It's a really cool player in this space.

[pronkin]

Thanks for your input.

On the p2p topic: Our protocol is p2p and it's already working well in local networks. You can experience the magic yourself: install Anytype in local mode, create a space, and fill it with some data. Open the mobile app and log in with the same phrase, and your data will be synced without any central server, immediately! Isn’t it magical? The network is needed for backups and to solve the closed laptop problem. You can always self-host a network. We believe it's important to give people the ability to be free from a service provider

On the topic of e2e encryption: All your data in Anytype is encrypted at rest; only the indexes of this data (which are created and used locally) are not encrypted. We have plans to also encrypt the indexes. Currently, we assume that the majority of users employ full disk encryption, and if your machine is compromised, it is likely that malicious software can read memory and, therefore, access the keys. Could you please elaborate on the significant vector of attack, so we can consider this case?

Regarding the license, we have covered our logic here: https://blog.anytype.io/our-open-philosophy/. We are passionate about open source, and for some projects, it’s the only viable option. That's why our AnySync protocol and data format are MIT licensed. The clients are currently under a source-available license, as we are still exploring ways to make the ANY association and contributor ecosystem sustainable. Still researching…

Thanks for your kind words towards us and congrats on your progress!

[gepeto42]

I completely agree with the threat model of "an attacker on your machine can get to the keys" but I'd like to add two security use cases that makes encrypting indexes valuable:

1. Off-the-shelf malware exfiltrates data, as seen in ransom attacks. I'd feel better if the index was encrypted. It's unlikely an attacker would manually spend time trying to find the keys in RAM unless your app became very famous :)

2. Syncing files on a work laptop where IT might snoop.

Obsidian does not encrypt files at all locally, and for that reason I would feel quite self-conscious about loading a vault with potentially private notes.

Ironically, Obsidian is much better if you only have ONE big vault, but because of this, I have to live with 3 vaults (different threat models for each).

[hruzgar]

im not the dev but what you're wanting is completely unreasonable. No note application does this and this would slow down the application without having any additional benefits

[orthecreedence]

> No note application does this

Yes, the app Turtl (https://turtlapp.com) does do this and it's not slow at all really. It only decrypts data upon viewing, and immediately re-encrypts when saving data. So this is actually entirely reasonable and entirely doable. The benefits are that malicious applications can't read data just sitting on the hard drive, which removes an entire class of attacks. An encrypted hd doesn't help you when it's unlocked.

[junipertea]

How would you search through thousands of notes? Decrypt them all in memory, search and encrypt them again? How does this scale with attachments?

[orthecreedence]

Yeah, decrypt them all on startup and index them in-memory via SQLite. Regarding attachments, good question. Turtl doesn't index files.

[apantel]

I have a private note app that I wrote for personal notes to keep them off the cloud.

This is the one problem I don’t know how to go about solving for tens of thousands of notes.

If anyone has any solutions, please share.

[jitl]

Seems fine to encrypt a SQLite database with all the contents

[mehh]

Are your notes really that interesting? I’ve written software that does this sort of thing commercially, if your materials are that sensitive you’d be using one of those packages.

I suspect this is just a dev with a fetish for obsessing over security. Like putting an expensive lock on a cheap bike!

[shwouchk]

FWIW emacs org mode, arguably one of the best note taking applications, supports gpg encrypted notes out of the box.

[aaomidi]

Use GPL so the project can go on longer than the company.

[eternityforest]

Turtl is gonna be P2P? That's exciting! Maybe we'll finally have a Google Keep killer.

So far SyncThing is the best P2P system I've ever seen, I wonder how hard it would be to just make their engine into an embeddable component and use that, so we could keep notes in plaintext folders.