Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Encryption of (synced) storages #827

Open
sherabi opened this issue Aug 24, 2017 · 30 comments
Open

Encryption of (synced) storages #827

sherabi opened this issue Aug 24, 2017 · 30 comments

Comments

@sherabi
Copy link

@sherabi sherabi commented Aug 24, 2017

Issuehunt badges

Requesting support for encryption when using external storage services like s3, Google drive, Dropbox etc.
Just like Laverna.

Moderator note:
This GitHub issue is purely about the encryption of storage. For adding the sync feature see: #308

IssueHunt Summary

Sponsors (Total: $60.00)

Become a sponsor now!

Or submit a pull request to get the deposits!

Tips

@asmsuechan

This comment has been minimized.

Copy link
Contributor

@asmsuechan asmsuechan commented Aug 25, 2017

Hi, @sherabi. Thank you for your request. Yes, I consider this feature.

@MrBMT

This comment has been minimized.

Copy link
Contributor

@MrBMT MrBMT commented Aug 30, 2017

+1 for encryption, that'd be a really nice feature.

I mainly use Boostnote for taking notes at work and wouldn't want to have any of my notes stored on an external storage platform without them being encrypted first, as some of the information is confidential.

@MrW4S4B1

This comment has been minimized.

Copy link

@MrW4S4B1 MrW4S4B1 commented Nov 11, 2017

I'd love to see this feature implemented!

@MrBMT I'm using Cryptomator to create an encrypted drive inside the cloud storage with all the Boostnote files inside. You have some cons, though: You have to use the desktop sync app of your cloud storage provider, no mobile sync and a bunch of apps in the background. On the other hand, if encryption is a must, this is probably the best workaround as cryptomator is designed to protect cloud storage. Hope you find it useful!

@ximbal

This comment has been minimized.

Copy link

@ximbal ximbal commented Mar 26, 2018

Encryption of the files would be great, I am currently using keybase to store things like SSH keys, but it would be super useful if I could store them right next to code snippets, all in a single tidy place

@IssueHuntBot

This comment has been minimized.

Copy link

@IssueHuntBot IssueHuntBot commented May 8, 2018

@kazup01 has boosted this issue with $40. Visit this issue on Issuehunt

@IssueHuntBot

This comment has been minimized.

Copy link

@IssueHuntBot IssueHuntBot commented May 15, 2018

@chartotu19 has started working. Visit this issue on Issuehunt

@TobiasDev

This comment has been minimized.

Copy link

@TobiasDev TobiasDev commented Oct 11, 2018

I would love to see this feature as well. However, it would be awesome if it can be combined with WebDav sync (for the mobile app at least, since I can point the desktop app to any folder I want on my PC), so that I can use this app together with my Personal NextCloud instance. Rather than having to trust Dropbox with my data. :)

@IssueHuntBot

This comment has been minimized.

Copy link

@IssueHuntBot IssueHuntBot commented Oct 11, 2018

@TobiasDev funded this issue with $18.98. Visit this issue on Issuehunt

@TobiasDev

This comment has been minimized.

Copy link

@TobiasDev TobiasDev commented Oct 12, 2018

I have seen that this is in development (when looking on IssueHunt), is there any time release for when it would come in? Just out of curiosity since I'm currently holding back on switching to BoostNote for all my notes. :) Obviously no stress, but I really enjoy BoostNote so the sooner I can make the full switch from Evernote the better. :)

@kazup01 kazup01 added the bounty label Nov 7, 2018
@IssueHuntBot

This comment has been minimized.

Copy link

@IssueHuntBot IssueHuntBot commented Dec 4, 2018

@kazup01 has cancelled funding for this issue.(Cancelled amount: $40.00) See it on IssueHunt

@IssueHuntBot

This comment has been minimized.

Copy link

@IssueHuntBot IssueHuntBot commented Dec 4, 2018

@issuehuntfest has funded $40.00 to this issue. See it on IssueHunt

@IssueHuntBot

This comment has been minimized.

Copy link

@IssueHuntBot IssueHuntBot commented Mar 13, 2019

@edulcoweb has funded $10.00 to this issue.


@IssueHuntBot

This comment has been minimized.

Copy link

@IssueHuntBot IssueHuntBot commented Apr 1, 2019

@satywa has funded $5.00 to this issue.


@IssueHuntBot

This comment has been minimized.

Copy link

@IssueHuntBot IssueHuntBot commented May 15, 2019

@IssueHunt has funded $5.00 to this issue.


@TobiasDev

This comment has been minimized.

Copy link

@TobiasDev TobiasDev commented May 15, 2019

Not sure if this helps, but if you guys are looking for a way to do this (using for example Nextcloud), I think Joplin might be good to look into. An open-source Evernote alternative.

@Cito

This comment has been minimized.

Copy link

@Cito Cito commented May 15, 2019

If you mention Joplin you should also mention Standard Notes. Maybe Boostnote can use the same encryption library Standard File that Standard Notes is using?

@TobiasDev

This comment has been minimized.

Copy link

@TobiasDev TobiasDev commented May 16, 2019

Yeah. The reason for Joplin was more since they also support file syncing to NextCloud, Dropbox, etc. Standard Notes has their own servers for your things. Hence why they don't support file attachments using storage on their space. :)

@IssueHuntBot

This comment has been minimized.

Copy link

@IssueHuntBot IssueHuntBot commented May 23, 2019

@TobiasDev has cancelled funding for this issue.(Cancelled amount: $18.98) See it on IssueHunt

@dlumma

This comment has been minimized.

Copy link

@dlumma dlumma commented Jul 28, 2019

I'd pay for an integration with keybase.

@Flexo013

This comment has been minimized.

Copy link
Contributor

@Flexo013 Flexo013 commented Jul 29, 2019

@dlumma You can open a new issue specifically asking for syncing and encryption using keybase. Then through IssueHunt, you can fund that new issue.

@Tiramisu77

This comment has been minimized.

Copy link

@Tiramisu77 Tiramisu77 commented Nov 19, 2019

I can implement this feature using window.crypto. We can add optional password field when creating a new folder, if the password was provided, all notes under the folder will be encrypted. Also there will be the option to change the password when right clicking on an encrypted folder.

@Flexo013

This comment has been minimized.

Copy link
Contributor

@Flexo013 Flexo013 commented Nov 19, 2019

@Tiramisu77 You are the first to mention a password in this thread. The community so far has mentioned that they would simply want the option to encrypt the files within a storage. This would be done by generating a key(pair) that can be used to encrypt and decrypt the files.

When creating a new folder Boostnote should be able to generate these and store these somewhere that the user can access them. When adding an existing (encrypted) storage one should have the option to provide the key(pair) to make sure that the storage can actually be used.

@Flexo013 Flexo013 changed the title Encryption and sync Encryption of (synced) storages Nov 19, 2019
@Tiramisu77

This comment has been minimized.

Copy link

@Tiramisu77 Tiramisu77 commented Nov 19, 2019

@Flexo013 My bad, thanks for clarifying that. Would it make sense to start working on this feature now, or is it better to wait until the sync feature is added?

@Flexo013

This comment has been minimized.

Copy link
Contributor

@Flexo013 Flexo013 commented Nov 19, 2019

@Tiramisu77 No problem at all. You can already start working on this feature now. To workaround the sync you can simply use syncing with something like Dropbox or MEGA. If you need any more clarification, then don't hesitate to ask.

@Tiramisu77

This comment has been minimized.

Copy link

@Tiramisu77 Tiramisu77 commented Nov 23, 2019

Here's my plan so far:

Add "encrypt" checkbox when adding a new storage location.

If not exists, create a keystore file in the Home directory, where keypairs for all encrypted storages will be stored.

Under Preferences > Storage, add options for opening the keystore file's location and changing its location

When user adds a new storage location, if there already is a storage in that location and it is encrypted and there's no keys for this storage in the keystore, then ask the user to provide the keypair

Only note's content will be encrypted.

Crypto will be handled by openpgpjs

If it all sounds good, I can start implementing it.

@Flexo013

This comment has been minimized.

Copy link
Contributor

@Flexo013 Flexo013 commented Nov 23, 2019

This sounds good to me!

@Rokt33r and @ZeroX-DG do either of you have additions or comments about @Tiramisu77's plan here?

@arcturus140

This comment has been minimized.

Copy link
Contributor

@arcturus140 arcturus140 commented Nov 23, 2019

is this issue still about the encryption of synced files or are local files being encrypted as well?

How can user recover their encrypted notes after they lost the key?

@Flexo013

This comment has been minimized.

Copy link
Contributor

@Flexo013 Flexo013 commented Nov 25, 2019

@arcturus140 Currently there isn't really a difference between a note file that is synced and not synced, as that is handled by external syncing software. This new feature would encrypt your local files, (because those are uploaded). Note that this is optional when making (or editing?) a storage. Your notes won't be encrypted by default.

The whole idea of encryption is that you can't. You will need the key to decrypt the notes. It depends on how it's implemented, but you will most likely be able to use a command line version of PGP to decrypt a file with your key.

@arcturus140

This comment has been minimized.

Copy link
Contributor

@arcturus140 arcturus140 commented Nov 25, 2019

@Flexo013 I know but syncing could be a requirement for encryption once storage Locactions of type sync are supported.

Before Boostnote I have been using Laverna. One thing I learned about self hosted keys: users loose them.

This is less a personal concern as a general observation. It would seem that the user be responsible to store their keys is a rather unreliable solution, for once when it comes to recover from a corrupted system.

@Flexo013

This comment has been minimized.

Copy link
Contributor

@Flexo013 Flexo013 commented Nov 26, 2019

@arcturus140 Hmm, I understand your concern. We could try something with different levels of security:

  • High security: everything is encrypted - losing your key means losing your notes
  • Medium security: there is both an encrypted and non-encrypted version of your storage - the encrypted one can be used for syncing and will be leading - losing your key will mean you can no longer update/read synced files, but you still have the last plain version
  • No security: nothing is encrypted - this is what we have now

@Tiramisu77 Just in case you hadn't yet, feel free to start with that implementation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
You can’t perform that action at this time.