
From the features page:

> On Supernotes your data is always encrypted in transit (forced SSL) and encrypted at rest (AES-256). Our team will never read or access your note content, unless we have received your express permission during a customer support interaction.

Sorry, but the fact that you can read it makes this a no-go for me. Unless a note-taking solution offers end-to-end encryption, I don't consider it a safe place for storing private information.



Yep, to be explicit: Supernotes is not currently E2EE. It is something we'd certainly like to add in the future, but up until now our priority has been on building out UX and sharing features, which are somewhat at odds with E2EE (at least when it comes to what a 2-man team can reasonably accomplish). There is a delicate balance we want to strike here, as part of the goal of Supernotes is to give users peace of mind so that they don't need to worry about what happens if they lose their laptop and didn't have it backed up.

We've been toying with some ideas that would allow more technical users to take matters into their own hands and take on the responsibility of managing their private keys themselves, but that isn't quite ready yet.


Sorry, this is the day when I decided to start downvoting people who demand E2E-encryption from things that obviously don't need it.

At this point I am just fed up, but to be constructive:

- E2E-encryption is a seriously nice property. If it was free and simple we should use it everywhere.

- Picking on nice things that absolutely don't need E2E-encryption however is just counterproductive, and most people who do so (I haven't studied you in particular) seem to have no clue about when and why it is useful.

- Let me give some ideas: there seem to be lots of people who claim to need E2E-encryption but cannot take basic security precautions like separating work/personal, avoiding linking their social media profile etc. in their profile, etc. etc. etc.

- Basically: if someone isn't wearing a cap, using Tails, paying in cash, updating one's notes via a directional antenna connected to a distant open network

- and if they haven't considered the pros and cons of connecting to the same network every time (what if "they" are onto one and are right now using a directional antenna to pinpoint one's direction) vs different ones (reduces that risk but simplifies triangulation)

- and haven't considered their cover story for why they were out biking without a phone but with a laptop and a directional antenna, or considered cash (less traceable) or card (don't stand out)

- ... then there is a fair chance they don't actually need E2E-encryption

- and if they share the stuff they are hoarding, the chance is even bigger.

- That said: again, E2E-encryption is a seriously nice property that simplifies a number of other problems. I'll pay a premium for it even if I don't need it. But I don't need it for a diary, not even for notes about customer systems.

And as I write this I can almost hear glass shattering all around me. I'm logged in through corporate WiFi and I don't care ;-)

Edit: let me also add that 1.) most people have no clue about how to verify E2E-encryption 2.) for web applications it can trivially be circumvented by anyone who can single-handedly push code to prod and you won't know until much later 3.) it can be done selectively against one user and on most users it will leave no trace at all (a patched minified script with no caching that sends encryption keys back isn't hard at all, is it?)


> things that obviously don't need it

Why do you think a note taking service doesn't need end-to-end encryption? Perhaps you don't care if a rogue employee reads your personal diary, or if the company gets hacked and all your private notes are stolen. Or if an overreaching government demands your data.

Personally I do care. The note taking solution I currently use has E2E encryption, and I won't consider switching to a different solution that lacks this.


Thanks for asking. I think you are genuinely curious so here is my best answer:

If it is that important, don't use a service like this. Seriously don't. Edit: and don't use any other online service either, E2EE or not!

As I write towards the end, E2EE in a web service like this can be trivially worked around by anyone who can push code to prod. (Or anyone who can inject it.) Basically anyone working at a small product like this and any serious three letter agency.

It is not that I don't care. I very much do care. I still remember a friend of mine from years ago who told me about some (probably IRC) friends of his who ran a "Dropbox"-style service hardly breaking even, just because of all the fun they had looking at all the stuff that people didn't dare to put on Dropbox.

So my point is:

- if things need to stay secret, don't write them down,

- and if you have to write them down, don't let them leave your device

- and if you have to send them, encrypt them properly first and then send them.

Does this mean I encrypt everything before I fire up <whatever messenger I use>? No. If <whatever messenger I use> gets owned big time and all my chats with my wife get dumped we'll probably laugh at it. Nothing we did was illegal and nothing of it is embarrassing - it would only be embarrassing if I posted it publicly or if I sent it using a service that I should have known better than to use.


What solution are you using now? I am using Standard Notes right now but I wish there were more alternatives.


I gave him an upvote to balance your vote out. Luckily we vote on these products with our money. It is absolutely insane to me that you would even suggest that a repository for my most private thoughts "obviously" doesn't need to be private for my eyes only.


Totally fine. Note however that this isn't marketed as a place for anyone's most private thoughts, it is right there in the announcement:

> unique collaboration system that is optimized for granular sharing between individuals rather than "all-in" sharing amongst teams or specific groups

Such applications have their place and for all you know I might be using them myself, but don't for a second believe that any web application with sharing possibilities is a place for anyone's most private thoughts.

If you did think so until today, take my advice and clean up everything that can get you in hot water.

Someone funny once said: "what happens on the internet stays on the internet, forever". This is worth reminding oneself about.

Edit: if one needs sync and security one can maybe use something like Joplin which supports encryption. I have verified neither the crypto nor the general codebase nor whether it can autoupdate. I'm just saying it might be possible as an individual to sync sensitive data somewhat securely like people think they do with online services, but if you are at a level where E2EE is necessary and where government agencies or basically (in my opinion) anything more than snooping kids or coworkers enters the picture, my advice is to forget about web applications.

To avoid doing what I despise when others do, when they basically say "if you don't do everything correct you can just give up": That does not mean you necessarily have to give up your current solution:

Just be realistic about what threat models it can hold up against.

Edit 2: (as said elsewhere) E2E-encryption is seriously nice and I can pay a premium for it even if I don't feel I need it. Just know what it helps against. And don't tell others that everything else is trash and unusable (but feel free to tell them what the risks are and how to protect oneself).


I think you're inventing a distinction to support your argument. It's right there in the title to this HN submission:

> Show HN: Supernotes 2 – a fast, Markdown notes app for journalling and sharing

-> journaling <-

As far as me cleaning up things that can get me in hot water, I'm all set, but good looking out!


Now it seems we are on the same page or something :-)

Edit: on closer reading I'm not sure anymore. Anyways, keep the upvote. I'm a generous person.

I care a bit more about security than the average Jane/Joe but my boring solution to this is to keep my journal boring too ;-)


Look into Reflect - https://reflect.app - it's made by Alex MacCaw from Clearbit


Presumably if you give them permission it includes sending them the content of the note, but if so the wording should change to say that explicitly.



