Standard Journal

Notes on privacy, simplicity, and sustainable development.

October 18, 2017 by Standard Notes

Last week we introduced a new security feature called Device Storage Encryption (DSE) for iOS, Android, Web, and Desktop. We mentioned briefly how in addition to the already end-to-end encrypted sync Standard Notes provides, DSE can further safeguard your data by making sure unencrypted data never touches a hard drive. This post explains how DSE works, and how it fits in with the existing encryption technologies used by Standard Notes.

Standard Encryption

When you’re using Standard Notes with a signed-in account, we generate private encryption keys from your password and save these keys on the device. Every keystroke you type, and thus every change you make to a note, is immediately encrypted using these keys, then synced to your other devices. Since you’ll have signed in to those devices as well, they will have your encryption keys available to decrypt incoming changes.

Expanding our Threat Model

Before DSE, your encryption keys had to be stored on your local computer without being encrypted. Without an additional password there was no straightforward way to encrypt your keys for offline storage (particularly in the web app). Our main threat model (or, what we set out to protect against) was making sure no one but you can read your notes. We treated servers and unencrypted online transmission of data as the main enemy. Your personal device, protected by you in the comfort of your pocket or your home, we treated as safe.

With DSE, we expand our threat model to also protect you from device seizures, loss, and theft. All of our applications on every platform (Mac, Windows, Linux, iOS, Android, and Web) now offer the option to add an extra application password called a “Local Passcode”.

This passcode serves two purposes:

  1. It will lock the application with a passcode which must be entered before you can enter, use, and read application data.
  2. On Desktop and Web, it will encrypt your local key storage. This means that keys that were once stored on your offline device without encryption will now be encrypted using AES-256 with a key derived from your local passcode using PBKDF2.

The result is actually kind of cool: unencrypted data never touches your hard drive, or anyone else’s hard drive.

How it works:

  1. On enter, the app prompts for your local passcode.
  2. It compares a hash of the passcode you entered to a saved hash and, if it matches, uses the passcode you entered to derive the remainder of your keys.
  3. These keys are used to decrypt your saved account encryption keys.
  4. The application now reads encrypted data from your local database, and decrypts this data using your decrypted account keys.
  5. The decrypted data now lives only in ephemeral memory, and is displayed so that it can be edited by the user.
  6. When you make a change to a note, it is encrypted immediately, then synced to your account and saved in your device's database.
  7. Finally, when you quit the app, the decrypted data which lived in memory is immediately destroyed.

So what?

What’s the significance of decrypted data never touching your hard drive? Well, hard drives are sort of tricky to keep an eye on. Once a file touches disk, you can’t be certain that a copy of it wasn’t made, that it wasn’t backed up by your system, or that it wasn’t synced to a file-syncing platform. With memory, things are more volatile, but ephemerality is built in: a process’s memory is not routinely backed up by a system service or a third-party application. (The usual caveats still apply: swap files, hibernation images and crash dumps can spill memory to disk, so full-disk encryption remains a sensible companion to DSE.)

(On iOS and Android, your keys are stored in your device’s secure keychain, so a local passcode serves more as a deterrent to unwanted physical access, compared to the web app, where a secure device keychain is not available.)

You can learn more about our other privacy measures here. You can also download the new applications for your platform from our downloads page. And as always, if you have any questions, please don’t hesitate to reach out to hello@standardnotes.org.

October 13, 2017 by Standard Notes

A letter to our users:

Dear note lovers and encryption lovers,

We know you love notes. And the secure feeling a private online life gives you.

So, we made something for you. I think you're going to like it.

A powerful new notes app for iOS and Android (and Desktop):



It's more secure.

Device Storage Encryption now encrypts your data before saving it to your local disk. Lock your app with a passcode to require authentication on launch and, on desktop, to encrypt your local key storage. And now for Android as well as iOS, protect your app with a fingerprint lock.

It helps you be more productive.

Pin your notes to the top of your list, so that notes and tasks you edit often are always within reach. Archive notes to stash them away, or unarchive to bring them back. And, new on Android, sort your notes by when you added them, when you modified them, or by their title.

It's beautiful (we've been told).
Our beta testers have told us how much they love the new look and feel, and how pleasant it is to use on a daily basis. Best of all, the themes you know and love from desktop now work on mobile too (and they look stunning if we may say so ourselves).

Download:

The new apps for iOS and Android are released for free as separate apps from the original. (This update is backwards incompatible with the previous version, which is why it's being released separately.)

Get the new iOS app.

Get the new Android app.

Download the new V2 Desktop app from our downloads page, or auto-update it from your existing application.

We hope you enjoy the love and hard work we put into this release, and that it makes your notes life easier and gives you more space to do your best work.

Thanks for being here,
SN

September 4, 2017 by Mo Bitar

Let's admit, shall we, that freedom has to have its own space.

I've spent about the last decade of my life developing tools for note taking and file management, the most important of which is an encrypted note-taking app. And when I talk to others about how their lives changed once they knew their thoughts and words were private, the response is always the same: "I feel free," is what I hear. They talk about the subtle, but powerful, difference privacy brings you. You become accustomed to the luxury of knowing what you say will never be repeated.

Those who haven't tried the private online life ask me what it's like. Well here you go:

Imagine you were in a room with 50 people. All around you, in every direction, are people breathing in the same circulated air as you. It's crowded. The environment dramatically changes your thoughts. You are distracted. You are influenced by what you hear. You don't have the same thoughts you have as if you were alone.

Now imagine that every thing you said in that room had a 1% chance of being heard by someone else. Life changes. Suddenly you worry what you said. What you might say. You are a whole different person. You become a subdued version of yourself, limited in your creativity and oomph.

Internet living is about being in a room with 50 million people. We are not ourselves there. We have to be much more cautious about ourselves. We adapt to wherever we are. And ourselves multiply. We are a hundred different people, depending on where we find ourselves on the world web that day. I know that when I speak with friends on Slack, or write a note on Evernote or Google Docs, there is an ever-present 1% chance that what I am typing will one day be seen by someone else. And with this thought lingering in the back of my mind at all times, I do not write like I would write in a private journal. I write as if an audience were present. I pause between every few sentences to look both ways.

I write as if to say, "if this got out, how would it make me look? What would others think of me?" And in that way, my writing loses its most important part: me.

That's why I spent the time on encryption and privacy. I don't want the worry and the hassle of others watching me. I don't want to have to check my doors every night. I want to know I am safe to be me. And safe to have my best thoughts. To write without worry of perfection.

I just want to write like it's nobody's business.

August 1, 2017 by Standard Notes

A few months ago, we hired an independent security research firm to conduct an audit on the encryption specification used by Standard Notes. In building out our product, we spent a lot of time making sure our encryption is as strong and fool-proof as possible. While it's easy for one to feel confident of their own work, a security audit is a must for any privacy-focused project to assure the developers and customers alike that data being encrypted and transferred is done safely and securely.

We're happy to announce the results of our first third-party security audit, and share in this milestone with you while we continue on our journey to build the most private notes app in the world.

The full report is attached below for the crypto-minded. Security is a moving target, but we're happy to report that this report does not find any major weaknesses in our data encryption flow, which is the largest part of our crypto implementation. Instead, it identified two main places in which security could be improved:

1. Verifying login parameters from the server. It's standard practice for a modern web app to trust that what the server has sent for a particular user is the right data for that user. Standard Notes distrusts the server a little more, and instead places trust in the applications running on the machines our users control. The client now checks the key-derivation parameters it receives at login before using them, rather than accepting whatever a compromised or malicious server might send. We were happy to learn about this, as it has allowed us to add an additional layer of protection from the out-of-sight server.

2. Ensuring that the ID of a data item cannot be exchanged with another item's. A server that swapped the encrypted contents of two items would otherwise hand the client valid ciphertext under the wrong ID. This is an issue with little practical exploitability, but it is important to protect against nonetheless. Now, when your app decrypts an item, it verifies that the encrypted contents were authenticated together with the ID of the item they were originally created under.

Both of these improvements, along with others, are now live in the latest versions of Standard Notes on all platforms. With this launch, we also release the latest version of our encryption specification. Any new data you create is automatically secured with the most powerful version of our encryption spec. For data created before this launch, read here for instructions on re-syncing.

We're proud to say that we're amongst the only private notes apps to have completed a third-party security audit. With our applications built for maximum longevity, we're confident we can continue protecting your data now and long into the future.

As always, thanks for your support. Please don't hesitate to reach out with any questions.

View Report

June 26, 2017 by Standard Notes

We're excited to announce the launch of four new powerful extensions that take your simple Standard Notes experience to a new level.

We decided early on that simplicity is the only way to achieve quality, stability, and longevity in software. Too often we see apps we depend on implode from their own complexity or become completely unusable from endless bloat. We knew that if we wanted to avoid this death trap, we had to design our system differently.

Extensions have been the perfect solution for us. We get to keep our core suite of applications as simple, fast, and reliable as possible. For the million and one other features users will want and invariably need, we created Standard Notes to be extensible.

Up until now, extensions have been limited to only certain parts of the app, like menu actions and custom editors. Today we're announcing a new class of extensions called components.

Components allow you to completely swap out sections of the app with custom modules. With components, you can build a custom tagging system, custom note list views, utility bars that allow pushing a note to WordPress and GitHub, and more.

Today we're announcing four new components:

1. Folders

2. Autocomplete Tags

3. Action bar

4. Github push

These extensions are now available in your Extended dashboard. If you're new to Standard Notes, get started by downloading the app here, then visit the Extensions directory to learn more.

Components use a special offline messaging system to deliver an extensible application even in the web browser. In fact, we make sure that our web application is always as powerful as our desktop applications. This is essential to our goal of longevity, because while desktop platforms may come and go, or be updated to oblivion, we're counting on the web to always be present no matter which platform you use. Powerful web access means as long as web browsers exist, Standard Notes exists.

Developers should check out our getting started guide to learn more about developing a component for Standard Notes.

We're beyond excited to get this in your hands and begin exploring the possibility of what a fully extensible notes app looks like.

If you have any questions, please don't hesitate to get in touch.

June 1, 2017 by Standard Notes

In a crime case, investigators don't have access to "the truth"—the data, if you will. All they have are clues which can be put together to make as perfect a guess as possible as to what the nature of the truth is. Metadata.

In the U.S., governments have played coy and attempted to talk down efforts at mass surveillance, particularly phone surveillance, by asserting that the actual contents of the call are not collected, only the metadata:

  • Where you were
  • Who you were calling
  • How long you talked for
  • How frequently you talk to someone

In a crime investigation, having the answers to these kinds of questions could potentially make or break a case.

And that's precisely why governments collect this kind of information: it is powerful fodder in a legal setting. In an example most of us are probably familiar with, you can see that who Adnan Syed called and when were some of the most important deciding factors in placing him in a jail cell.

And as it can be used for legal justice in some cases, or the "good", it can also be used against you, like you're warned of in your Miranda rights.

So what do we do?

We protect ourselves and the people we care about, not against the government, but the possibility of government. We don't speak unless we have an attorney present. We plead the fifth.

We encrypt our data.

Smarter people before us have understood the unstoppable nature of government power, and have put in provisions such as separations of power and the Miranda rights precisely for this reason.

And today, smart people advocate endlessly for the encryption of your data as a form of self-protection. With anti-privacy legislation being signed today with a flick of a pen, it's more important than ever to understand that even metadata can and will be used against you. And, in the court of law, even if you have nothing to hide, or are fully innocent, you are still advised and even required to have a lawyer present before you can testify. Why? Because history.

Legal waters are not somewhere you want to swim in alone.

So the next time you hear that it's only "metadata" being collected, don't be fooled: metadata is the data.

This isn't to say that you shouldn't use apps that record metadata. Metadata is what allows a lot of your favorite apps to organize and keep your data in sync.

It's to instead say you should find no comfort in the fact that governments rely on the "metadata" crutch to make you feel ok with what they're doing.

The Bill of Rights of the United States constitution is about personal protections. These being such a fundamental part of our constitution is no coincidence: these were real dangers at some point.

  • The right to free speech
  • The right to bear arms
  • The right to remain silent

In today's world, we are the forefathers of a new constitution, a new amendment:

The right to encrypt.

It won't come easy, but then again, nothing important ever does.


You can join the privacy movement by using and supporting software that encrypts your data. The go-to word here is "end-to-end encryption". You can learn more about what that means in our post "What is end-to-end encryption?"

May 27, 2017 by Standard Notes

It's the greatest love story of all: you find an app that you absolutely love. It solves all your problems. And it makes your life better. It's a fairytale and the both of you live happily ever-after.

Except, it never quite happens like that does it? The app you depend on to solve your life's problems begins wanting to "scale." The company who makes the app took out an investment to build it, and now those investors want to see bigger returns. How? By attracting more customers.

Attracting more customers in today's world is done by adding more features that cater to a wider audience. Month after month, your beloved app grows and grows in features and complexity. It takes a little longer to load now. You notice a lag here and a bug there. On some days, you find it completely unusable. There are so many moving parts now that the developers can't keep up, and when they fix one bug, five others pop up.

It's the dreaded software bloat. And unless you take very careful measures to prevent it, it is guaranteed to happen.

Let us take a moment of silence for all of our fallen apps.


We don't want to treat you this way. We don't want to grow by doing more things. We want to grow by doing one thing so well that the entire world knows it and entrusts us to do this one job for them.

For us, it's your notes. Notes are one of the most important byproducts of our existence. It's how we know ourselves. And it's how we know our past. While your favorite social networking app desires to entertain you and thus finds new ways of doing so every quarter, we're not here to entertain you. We're here to protect something that is important to you. And we're here to make sure it's the easiest thing you'll do all day.

You won't find fancy text recognition algorithms in our apps. No fancy machine learning, notebooks, real time collaboration and commenting. Not even close. But you will find an app that respects you as a long-term user. An app that won't degrade with time. An app you know will be there for you tomorrow, to protect and maintain your most valuable life assets: your notes.

That's our promise to you. In fact, we apologize whenever we release new features, and celebrate when we have the luxury of simplifying.

This is what we mean by being a long-lasting, sustainable notes app. Imagine you bought a notebook from a bookstore that said "this notebook will begin disintegrating from the day you buy it until it completely implodes and disappears one day." You wouldn't buy that notebook.

Think of us as a long lasting notebook. The kind of notebook you'd expect.

And now you know what "Standard Notes" means :)

April 9, 2017 by Standard Notes

Privacy is a topic you are either a) completely tired of chasing after or b) not exactly sure about. In most cases, we all feel a little of both.

But privacy doesn't have to be hard. Privacy is hard when you expect it from a company that really has no interest in giving it to you. Common web companies today make privacy hard because it's truly against their interests to make it easy.

For us, privacy is our core business. It starts by making sure nobody can read your information, especially us! And it's important that we take a moment and explain to you exactly how we do that. The term to know here is End-To-End Encryption.

Here is why it matters.

Encryption is the act of turning information into gibberish using secret passwords. The opposite of encryption is decryption, and if you don't know the secret password used, even the largest intelligence agency in the world couldn't decrypt your data. Encryption makes your data private. And it makes it effectively yours.

Where privacy gets tricky is there are basically two families of encryption, and far too many companies will confuse what each family does for their own gain, usually so they can secretly read your information.

There is the family of "encrypted" data. And the much smaller family of "end-to-end encrypted" data.

Encrypted data means your information has been turned into unreadable ciphertext using a password. But the word says nothing about where that encryption happens. In most cases, companies that claim to encrypt your information are actually encrypting it after it is received in their data center, using keys they hold. That leaves plenty of opportunity for any Web weirdo to peer in at your height, weight and steamy messages to your friends.

It's sort of like locking the door with the intruder already in the room. When instead you want to lock the door before the intruder can get in.

End-to-end encryption, on the other hand, means your data is turned into ciphertext before it leaves your sight, with a key only you hold. That means the company that provides you with that service can't read your data. Period. When something is encrypted end-to-end, there is no shifting privacy policy to keep track of. You know how your data is being treated. A company cannot read information that is encrypted end-to-end, because it never has the key.

We created Standard Notes so we could have end-to-end encryption for our own notes. And we realized there was an awesome business in providing you end-to-end encryption for your notes.

We're so proud that we can say that all of our apps, from mobile, to desktop, to web come with end-to-end encryption built-in.

When a company like us can't read your data, it forces us to instead rely on creating a great user experience to win your business. And that's exactly what we set out to do.

March 18, 2017 by Standard Notes

Some simple notes on simplicity: Engineering Standard Notes to be "un-elaborate" was anything but easy for us. In an era where software degrades by the day and the life expectancy of the apps we use is anything but ideal, getting our software simple took time. We were slow pokes on this idea. It took 3 years to realize simplicity was our only solution.

Why? It takes time to realize that fewer lines of code directly translate to a better experience. Simple means fewer bugs. It means fewer moving parts. Fewer things break. Simpler experiences ensure our users won't get frustrated. A simple app gets out of your way and lets you do your work. Simple forced us to focus on the functions that do exist, and to make them exist well. That's hard.

It also took those years to realize that simplicity makes a better business. Simple is honest. It lowers engineering costs and the fees to maintain applications. Simple code may be slower to build, but so much less of it exists that it's cheaper overall. We just sort of knew when we were done. We could sense that we were clearly in the golden mean between a good user experience and a good business. We just decided to stop. And keep it simple.

There's also the ugly side to simplicity that takes time to accept. It forced us to admit how, well, unpleasant much of our previous work had been. Like everybody else, we poured our hearts and souls into apps that tried to do too much. We have all fought through the deep depressions when an app we depend on loses its way. We've all walked off development jobs after a few months, when the tool stopped serving users and instead obstructed them. We don't want to speak for you, but we're sure you've felt it: Ever notice how your favorite applications seem to get slower over time? That's no coincidence. They call that "growth". It happens because panicked teams were frantically trying to throw more functions at what was a good idea for some stupid business goal. And a good idea turns into something that isn't, real quick. That thing you loved metastasized into something you hate.

If simplicity keeps us from adding features, so be it. Standard Notes is officially an anti-growth company. We don't mind. We set out to do one thing well: Allow you to write your notes and thoughts privately without friction, on every device you own. And keep those thoughts for as long as your and your electronic devices exist. There are impressive technologies under the hood: sync, encryption, and clever development. But they're hidden. By choice. You simply never have to worry about them.

We're betting you'll sense the proper weight of that simplicity. And how that momentum will keep both you and us around for the long run.