Standard notes: what about don’t put all your eggs in one basket rule? (discuss.tchncs.de)

submitted 6 months ago* (last edited 6 months ago) by gamedeviancy@discuss.tchncs.de to c/privacy@lemmy.ml

51 comments fedilink hide all child comments

If the owner of the standard notes will now be a proton, doesn't that contradict this principle? I have a proton email account but I don't want it linked to my standard notes account. I don't strongly trust companies that offer packaged services like google or Microsoft. I prefer to have one service from one company. I am afraid that now I will have to change where I save my notes. What do you guys think about this?

you are viewing a single comment's thread
view the rest of the comments

[-] LWD@lemm.ee 3 points 6 months ago

Is there anything won't with the company itself being in Pakistan, if it's explicitly hosting your data in Germany? I'm not aware of any nation-level threat going on over there, and their client is open-source on all platforms, so I don't imagine there's much that would be compromised.

[-] gamedeviancy@discuss.tchncs.de 2 points 6 months ago

Idk, maybe I'm wrong. Notesnook is recommended by privacyguides at all. All my mistrust comes from the fact that such countries are not famous for respecting human rights. What if the government forces the owners to give up the keys? Maybe it's an unrealistic scenario cause data is encrypted.

[-] LWD@lemm.ee 3 points 6 months ago

You're asking the right questions.

Regarding keys: they never store those. If they did, that would be a problem from the beginning. The whole point of E2EE encryption is that the servers and server owners should never be able to access your data even if you wanted them to.

[-] gamedeviancy@discuss.tchncs.de 2 points 6 months ago* (last edited 6 months ago)

Yes, you had me cause I write only about keys, but I thought also about backdoors on gov demand.

[-] LWD@lemm.ee 4 points 6 months ago

If you're worried about backdoors, you can build every client from source and verify the code. IIRC they haven't paid for an audit, but if they failed to protect your passwords/keys that'd be really bad for their reputation. And considering their target demographic, it's pretty important to keep that part of the reputation alive.

[-] clmbmb@lemmy.dbzer0.com 2 points 6 months ago

Notesnook is open source and you can check (if you have the knowledge) if there are any issues. They're working on making the server self-hostable (also fully open source) so there's that.

this post was submitted on 10 Apr 2024

67 points (93.5% liked)

Privacy

31609 readers

343 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS