[viraptor]

That's just entirely based on the "almost certainly" doing all the work. You're complaining about a hypothetical situation.

> you just wouldn't be able to tell.

You can setup a local web proxy and tell us. Also check the sources since it's an electron app.

[const_cast]

I don't use notion, but it would be a fun experiment to install a root CA and see the traffic.

It's probably not always this easy. I see many connections on apps using UDP, so who knows how, exactly, they are encoded.

The data may also be "encrypted", similar to how Zoom "encrypted" data. That is to say, the data is encrypted, but the private key is on the same server. So, if you MITM, it looks encrypted - but there's no security.

[benaubin]

it's electron so you can just open chromium dev tools and see almost all network activity - im pretty sure this is exposed to everyone in the debug menu. takes seconds. http proxy the rest. (i work at notion and do this all the time to debug)