this post was submitted on 07 Jan 2025
3 points (100.0% liked)

Privacy

0 readers
18 users here now

Everything about privacy (the confidentiality pillar of security) -- but not restricted to infosec. Offline privacy is also relevant here.

founded 2 years ago
MODERATORS
[email protected]
3
I'm checking out various "personal knowledge management" tools in a sandbox to see if it be an upgrade my ragtag collection of text file-based notes. (fedia.io)
submitted 3 months ago by [email protected] to c/[email protected]
31 comments fedilink hide all child comments
 

I'm checking out various "personal knowledge management" tools in a sandbox to see if it be an upgrade my ragtag collection of text file-based notes.

First candidate is #Logseq, supposedly "privacy-first".

How #privacy friendly is something based on Electron (aka Chrome)? Debatable, but then they also do this:

  1. Have "Send usage data" on by default
  2. Start with an example page that embeds a YouTube video, and accepts all cookies

tcpdump and mitmproxy go wild when starting the program.

Shows that the "Send usage data and diagnostics to Logseq" setting is enabled by default.
Shows the services being contacted by Logseq over HTTPS right after starting it for the first time. Hosts that are being contact: www.youtube.com, googleads.g.doubleclick.net, jnn-pa-googleapis.com, play.google.com, app.posthog.com, o416451.ingest.sentry.io

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 3 months ago (29 children)

Next up is #Obsidian, a tool I'm hesitant to consider because of the developers' view on open source. Hence, the source is not available except the obfuscated JavaScript that's ran by Electron.

Despite that, Obsidian itself only does a version check (which can be disabled) and starts in "restricted mode" by default, which disallows third-party plugins (but does still embed external content when asked to.)

There's some phoning home by Chrome but far less than with Logseq.

Color me surprised.

The program defaults to "restricted mode." "Would you like to exit Restricted Mode to enable community plugins? We strongly recommend making backups of your data before doing so."

[–] [email protected] 0 points 3 months ago (6 children)

@[email protected] I use Obsidian fairly regularly. The advantage is that your data's all markdown files on your own disk. If Obsidian for some reason becomes sketchy (which I doubt will happen), I can move on to another app.

The plugins are great and is probably what drives Obsidian for the most part if you wanted more than just a note taking app.

[–] [email protected] 0 points 3 months ago (5 children)

@trinsec Plain-files-on-disk is certainly is a big advantage compared to Anytype (and possibly the next version of Logseq), where everything is stored in a database blob.

Anytype "objects" are exportable as Markdown (but with loss of metadata) or as a Protobuf-parseable packet but I didn't find any CLI tool to do that in an automated way. So something I need to consider in my choice.

I'm pleasantly surprised by Obsidian so far, just need to keep an eye on the background activity of plugins.

[–] [email protected] 1 points 3 months ago (1 children)

@[email protected] @[email protected] thank you for your very informative thread !

have you heard about https://b3log.org/siyuan/ ?

[–] [email protected] 1 points 3 months ago (1 children)

@projetslibres_[email protected] @[email protected] Thanks!

I hadn't heard of it but it looks pretty good. A bit like Anytype with its templates and relations, but with contents just stored as plain files on disk and hopefully with less tracking.

I will give it try tomorrow, thanks :)

[–] [email protected] 1 points 3 months ago

@[email protected] @[email protected] I'd just heard about it recently (I'm an Anytype user) and wanted to give it a try also.

load more comments (3 replies)
load more comments (3 replies)
load more comments (25 replies)