[exiguus]

My primary concern is the lack of encryption for the notes. This absence of encryption leaves them exposed and vulnerable. Relying on third-party services like Dropbox, iCloud, or similar platforms to sync notes across devices only heightens the potential for data exposure. There is also a Obsidian forum thread about that [1].

I believe the primary issue with nearly all note-taking tools is the lack of genuine encryption. Many claim to use end-to-end encryption, but I find this misleading. End-to-end encryption secures communication, not the data itself.

I wouldn't recommend a tool to anyone that doesn't encrypt the data itself to maintain private notes. Its like storing your passwords in plain text.

[1] https://forum.obsidian.md/t/local-file-encryption-of-obsidia...

[Unbanshee]

True, Obsidian lack of native local encryption is absurd in 2025. Standard Notes, Joplin, OneNote, even Apple Notes support this. Obsidian people will keep replying you have to protect your whole filesystem. This is absurd. Zero Trust is one of OPSEC main principle. Sounds crazy to me to externalize security for a note-taking app in 2025.

[xxpor]

This is such a trivial problem to solve. Full disk encryption, or something like https://github.com/tejado/obsidian-gpgCrypt

[exiguus]

I like the gpgCrypt approach, but its not trustable.

[xxpor]

Genuinely curious, why? The concept of GPG or something else?

[exiguus]

> Warning: Encrypted notes might be stored unencrypted on disk due to Obsidian's caching mechanisms, coredumps, or other reasons.

is one statement from the authors of the plugin.

[xxpor]

OK, I agree that's bad behavior from Obsidian

[al_borland]

Do you have a current solution that addresses there concerns?

[exiguus]

Currently, I use Joplin, which supports on device encryption and self-hosting. Previously, I relied on tools like git-crypt, TrueCrypt, or LUKS for encryption. However, as far as I know, git-crypt is not secure anymore. And using encrypted containers or file systems has the drawback of being difficult to share once they exceed a certain size.