If the owner of the standard notes will now be a proton, doesn’t that contradict this principle? I have a proton email account but I don’t want it linked to my standard notes account. I don’t strongly trust companies that offer packaged services like google or Microsoft. I prefer to have one service from one company. I am afraid that now I will have to change where I save my notes. What do you guys think about this?
I’ve been self-hosting Standard Notes for a while, and if you think it’s something you can pull off, I’d recommend it. Especially if you can get by without folders, (too many) fancy editors, or some of the extra cloud stuff they have been offering.
If you don’t feel like self-hosting, there are other options too, like
Too bad it requires 2GB of RAM. Joplin is “perfect” but the UI is ugly.
I know these apps but none of them is as good as standard notes in my opinion. Notesnook seems fine but I don’t like fact that it is based in Pakistan. I used Joplin before buying a sub for standard notes so I know it.
Currently I have also subscription on Crypt.ee for photos but there is also a notes app integrated. Maybe I’ll start using it. Developer of cryptee was very active on reddit and he seems like a man who values privacy and security.
But I hope that simply proton will not force the migration of standard notes accounts to proton accounts and for old users everything will be as before.
Is there anything won’t with the company itself being in Pakistan, if it’s explicitly hosting your data in Germany? I’m not aware of any nation-level threat going on over there, and their client is open-source on all platforms, so I don’t imagine there’s much that would be compromised.
Idk, maybe I’m wrong. Notesnook is recommended by privacyguides at all. All my mistrust comes from the fact that such countries are not famous for respecting human rights. What if the government forces the owners to give up the keys? Maybe it’s an unrealistic scenario cause data is encrypted.
You’re asking the right questions.
Regarding keys: they never store those. If they did, that would be a problem from the beginning. The whole point of E2EE encryption is that the servers and server owners should never be able to access your data even if you wanted them to.
Yes, you had me cause I write only about keys, but I thought also about backdoors on gov demand.
If you’re worried about backdoors, you can build every client from source and verify the code. IIRC they haven’t paid for an audit, but if they failed to protect your passwords/keys that’d be really bad for their reputation. And considering their target demographic, it’s pretty important to keep that part of the reputation alive.
Notesnook is open source and you can check (if you have the knowledge) if there are any issues. They’re working on making the server self-hostable (also fully open source) so there’s that.
What’s the upside over self-hosted (and encrypted) Trilium, which is what I currently use? (I ask this not as a challenge, but out of curiosity.)
From the looks of it, Trillium is halfway between Standard Notes and hosting your own wiki.
If you’re happy with Trillium, I’d say stick with it. It looks pretty good, TBH. Standard Notes is self-hostable more as an afterthought, which is to its detriment.
Thanks, appreciate it!