this post was submitted on 24 Feb 2025
398 points (97.8% liked)

Privacy

1023 readers
1020 users here now

Protect your privacy in the digital world

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be nice, civil and no bigotry/prejudice.
  2. No tankies/alt-right fascists. The former can be tolerated but the latter are banned.
  3. Stay on topic.
  4. Don't promote proprietary software.
  5. No crypto, blockchain, etc.
  6. No Xitter links. (only allowed when can't fact check any other way, use xcancel)
  7. If in doubt, read rule 1

Related communities:

founded 3 months ago
MODERATORS
[email protected]
otter
[email protected]
[email protected]
398
Choose your warrior: (fedia.io)
submitted 4 days ago by [email protected] to c/[email protected]
84 comments fedilink hide all child comments
 

cross-posted from: https://fosstodon.org/users/notesnook/statuses/114059550980301173

Choose your warrior:

All of these are open source, private and encrypted. Of course, Notesnook is still the best 😉

#notetaking, #privacy, #security, #notesnook, #opensource

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 4 days ago* (last edited 4 days ago) (1 children)

After looking at Notesnook, I don't really understand the difference. It has features that Google Keep lacks, but if the company were to shut down their servers I would lose anything not stored locally, right? If I delete a file on one device it's presumably removed from the others upon sync, so couldn't they remotely delete my files from any connected device if they wanted to?

I don't understand encryption in the first place, so this is probably an ignorant question, but can't the company that runs the software choose to release the encryption keys anyway? My understanding is that encryption only protects my data from interception by a third party.

Assuming I'm not wrong on those points, isn't it better to only store files locally, and to share them either on physical media or via a service which won't store the files long-term? Is the issue of leaked or lost data not inherent in any hosting service?

Sorry if everything I'm saying is really stupid. I'm not trying to troll or argue in favor of Google services or anything. I just don't understand how to evaluate any given service's trustworthiness or safety.

e: I just thought to check whether Google Keep is encrypted and the internet says it is. Now I extra don't get it. Very confused.

[–] [email protected] 9 points 4 days ago (1 children)

Regarding encryption, some companies hold the encryption keys, but many, including Notesnook, use end-to-end encryption. This means the encryption happens on your device and the keys are generated from your password and stored locally rather than on the company's servers.

In that scenario the company never has access to the keys in the first place, so they wouldn’t be able to release them even if they wanted to.

Google Keep on the other hand does not use end-to-end encryption for your notes. While it does use encryption to protect data both during transmission and while stored on its servers, Google retains the ability to access the content of your notes. This means that although your data is safeguarded against external threats, Google's internal systems can still access your information.

[–] [email protected] 1 points 3 days ago

Thank you, that makes sense.