-
Notifications
You must be signed in to change notification settings - Fork 109
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Encryption #142
Comments
Original comment by jendrikseipp (2009-01-23T11:25:08Z): At the moment there is no direct way to encrypt your diary. You could use Truecrypt to encrypt your data folder, but I haven't tried that, yet. If you succeed, please tell me how you did it. |
Original comment by zivagolee (2009-01-23T18:34:50Z): How about adding in GPG encryption possibly using seahorse as a mechanism? |
Original comment by jendrikseipp (2009-01-30T14:12:13Z): I will look into the possibilities to add encryption, but it will take some time, since I want to add other features first. |
Original comment by lermite-deactivatedaccount (2011-04-13T08:21:48Z): Hello, It would be really nice to protect his diary with encryption and a password to open as lifeograph or almanah... Rednotebook is better than these two programs but it is the only one not offered the opportunity to protect his diary. it's a shame. Thanks. |
Original comment by jendrikseipp (2011-12-21T11:34:58Z): I'd like to quote a RedNotebook user who sums up the current state quite nicely (taken from https://answers.launchpad.net/rednotebook/+question/182174): " Re encryption: I think this feature is often requested, IMO because for many people the use-case for RN is associated with the old dead-tree format "diaries", and therefore imply keeping confidential information. However this is a very challenging area of coding to get right, and IMO better to have none at all (at least within the program) than to have something like Zip files, or Word or Acrobat that appears to give security but turns out to be easily broken, giving the users a false sense of security. My recommendation is to get to know the existing tools out there to provide filesystem-level encryption and then keep your RN data in a container managed by the tool that suits your needs. The ones that are easiest to use and come with support aren't free, but IMO if it's not open-source it isn't really secure - but that might not matter to you. For me, TrueCrypt strikes a good balance, and is very popular - once you get it set up it should basically be transparent to you in daily use. A bit of a kludge, but much easier and apparently "secure enough" for most people, is 7-zip's native format encryption, just requires un/re-zipping the folder before/after each working session. I would suggest someone researching and doing this taking good notes, and then coming back here to post a step-by-step "HowTo Encrypt Your RedNotebook" in this thread, and the developer could then put that in the documentation. Such contributions are an alternative way to "give back" to the open-source community that don't require programming skills. |
Original comment by hansbkk (2011-12-22T14:34:30Z): Note that the apps available are usually platform-specific, mine were assuming windoze. You Linux guys know what you're doing already anyway 8-) |
Original comment by andre-ca (2012-02-17T10:09:16Z): Working on a branch with AES encryption using pyCrypto. The back-end crypto stuff is all done now and I just need to add the gui front-end elements (enter password/etc). It works by encrypting/decrypting the individual journal files with a password when accessed (and giving them the extension .aes) When a user is loading a journal folder with encrypted files in it (or when encryption is enabled to begin with), it will ask the user for a password to use. The password is then hashed and salted using either multiple (2000 right now shrugs) iterations of sha512 or a secure KDF implementation depending on which is available to the user. Users who have an older version of pyCrypto (no windows binaries for 2.5 yet) will be forced to use the less secure sha512 implementation using hashlib rather than the shiny PBKDF2 in pyCrypto 2.5. Anywho, this generates a key and then it is used in with AES (512bit recommended just in case) in CBC mode for the encryption/decryption. What all this adds up to is the ability to have individual encrypted-passworded journal files with no mess. This implementation is not (easily) crack-able via brute-force and most definitely secure. |
Original comment by jendrikseipp (2012-02-17T13:11:28Z): Very interesting! I had a quick look at the code and it looks very |
Original comment by a-jch (2012-11-10T01:06:52Z): Very interesting. Looking forward to this feature (and a Mac installer)! |
Original comment by paytonturnage-deactivatedaccount (2012-12-13T01:38:09Z): Andre, opt for PBKDF2 at least. Depending on how long the wait is (for the windows binaries), an implementation wouldn't take terribly long to create and verify (PBKDF2 specifically is rather easy to implement if the hash functions are provided for you). |
Original comment by leomcsnarf (2013-08-22T02:41:46Z): Still waiting for encryption or at the very least password protection. Maybe? |
Original comment by hodanli (2014-04-21T12:37:20Z): i think this should be in your top priorities. a journal without protection? i use allmyjournals for windows and migrate to the rednotebook the day password protection lands. thanks. |
Original comment by papapa909090 (2014-05-11T08:01:04Z): Please add password protection, it's the only feature that this program lacks |
Original comment by papapa909090 (2014-05-11T08:50:48Z): simple password protection without encryption would be enough, I mean I don't want my relatives to click the shortcut "diary" and open my private files I've come up with such a script, it creates password protected zip and deletes data folder every time you close RedNotebook
#!/bin/sh cd ~/.rednotebook rednotebook #change 'secretpassword' to password you would like to have
|
Original comment by papapa909090 (2014-05-11T09:11:57Z): simple password protection without encryption would be enough, I mean I don't want my relatives to click the shortcut "diary" and open my private files I've come up with such a script, it creates password protected zip and deletes data folder every time you close RedNotebook #!/bin/sh cd ~/.rednotebook rednotebook #change 'secretpassword' to password you would like to have |
Original comment by arya766 (2014-05-11T09:09:28Z): This is good, but not that good. I'd rather an internal password. After
|
Original comment by arya766 (2014-05-11T09:58:06Z): As I said, that kind of password is not hard to break.
|
Original comment by dx486107 (2014-06-12T13:24:41Z): Using Truecrypt for encryption is a possibility, yes, but being able to encrypt the diary within the program is better, because a) Program may close diary file automatically after being idle for some time and protect the diary's secrecy. You may lose data if you try to accomplish this via Truecrypt (forcing unmount encrypted drive is not good) Lifeograph has this ability, which is another open source project only for Linux users. Maybe its code would be useful for you if you take a look at it. It is already done there. Developers know the best but I humbly agree others that this feature should be at top priority for a diary. Thank you. |
Original comment by leomcsnarf (2014-06-12T14:24:29Z): This post is what I learned from a search on "how to encrypt files in dropbox" it's a little bit of a mashup... one part says "hit p when it asked for configuration" when it actually comes a little bit later... but it always works. Sorry I can't tidy it up... but there it is... I have my Documents folder linked to Private... where it's all encrypted in dropbox. My rednotebook config folder is also inside Private, so it's backed up, in dropbox, but it's backed up encrypted. Not exactly what the bug post is about... but this is what I got going.
Encfs is a better solution than SecretSync because it stores the encryption keys on your local machine and it can work in Linux (natively), Windows (via BoxCryptor) and Mac (via MacFuse), which is great if you use Dropbox on more than one operating system. In Ubuntu, open a terminal and type: sudo apt-get install encfs To create an encrypted folder, type the command: The above command instructs encfs to create an encrypted hidden folder (with name .encrypted) in Dropbox and mount it in the Private Folder in your Home directory. When it prompts you for the configuration option, press “p” follow by Enter. Next, it will ask you to enter your password. Be very careful with what you type since it won’t appear in the screen. That’s it. Whatever files you place in the Private folder will be encrypted and synced with Dropbox. To get the encrypted folder to automount everytime you log in, you can use gnome-encfs.
sudo install gnome-encfs /usr/local/bin Option 1. Delete Documents directory from home. Option 2. Then, while in home directory, in terminal create symlinks... Option 3. move .rednotebook to ~/Private/Documents, from inside your home ln -s ~Private/Documents.rednotebook |
Original comment by jendrikseipp (2014-06-12T17:45:06Z): I agree that encryption is an important feature and for quite some time I have thought that it should be added to RedNotebook. However, it takes time and experience to implement it correctly. Both of which I am currently lacking. If not done properly, users may assume their data is safe while in reality it isn't or users may lose their data just because the implementation is not thoroughly tested. Secondly, I strongly believe in the unix philosophy that one tool should do one thing. Journalling is one feature, encryption is another. I think, we shouldn't pack encryption into RedNotebook if we can use other tools for this. This said, I know that using these other tools (e.g. encfs) is not straightforward for most users and maybe we can make using them easier, maybe even from inside RedNotebook. For the time being I would suggest we collect and polish setup guides here that describe how to setup encryption on different platforms (e.g. boxcryptor on Windows, encfs on Linux). Maybe someone can confirm that the encfs setup guide from comment #19 works? Once we have the setup guides, we should include them in the RedNotebook help document. |
Original comment by leomcsnarf (2014-06-12T18:19:28Z): As per my previous, comment #19... Here is a post where I got my information.... after this, you basically just moving the hidden .rednotebook foler into the encrypted folder and sym linking to it... http://www.addictivetips.com/ubuntu-linux-tips/encrypt-dropbox-files-with-encfs-in-ubuntu/ |
Original comment by pavelsayekat (2016-02-02T08:43:13Z): Quoting "simple password protection without encryption would be enough, I mean I don't want my relatives to click the shortcut "diary" and open my private files #thats a valid point for even for a weak encryption but if the encryption is strong, no-one will complain. #Should have a password & password recovery question or option for security. |
Original comment by namttep (2016-02-02T14:35:54Z): not being a programmer, I wouldn't know how to implement this, secondly if I dumped rednotebook several years ago in favour of a program with native, thank you anyways -----Original Message----- Quoting "simple password protection without encryption would be enough, I #thats a valid point for even for a weak encryption but if the #Should have a password & password recovery question or option for -- Title: Status in RedNotebook: Bug description: To manage notifications about this bug go to: |
Original comment by michael-j-hays (2016-02-15T13:16:15Z): I am happy for rednotebook to not be encrypted. I recently had some kind of corruption occur and rednotebook kept failing to open. I narrowed down the problem to one month's txt file, and removed that month from the journal data, and rednotebook then started. I was then able to copy the text data from the corrupted text file, and paste it back into the relevant days in rednotebook. If the whole journal data was encrypted, then would it be possible to remove some problem data and recover it from the database? |
Original comment by jendrikseipp (2016-02-15T13:37:19Z): Probably that wouldn't be possible, no. |
Original comment by michael-j-hays (2016-06-25T14:46:18Z): Three more reasons why not to encrypt :
|
Originally reported at launchpad:
Is there a way to have an option to enable encryption for the diary?
The text was updated successfully, but these errors were encountered: