4.7 out of 5 with 59 ratings

Joplin Comments

Comment by xvhpqg
about Joplin · Sep 2018 · Helpful Not helpful 3 Helpful Report as spam

@developer
Can you add a standard WYSIWYG text editor mode on the Windows app?
This is the only thing preventing me to use this nice app.

[Edited by xvhpqg, September 04]

reply

Unfortunately not at this time as there is no good WYSIWYG text editor that would have all the required features needed by Joplin. Efforts now are to make the existing editor more user friendly by adding shortcut, toolbar buttons, and possibly later on helper utility (for example, an editor to create and edit tables).


Comment by snakyjake4
about Joplin · Jan 2019 · Helpful Not helpful Report as spam

It's not "full" encryption. Local resources are NOT encrypted. Only sync/E2E data is encrypted.

reply

Joplin supports end-to-end encryption (E2EE). Local data is not encrypted because the OS features are sufficient to keep your data secure (or if they are not, you have a much bigger problem!). If additional security is needed, you can also put your profile on an encrypted partition or Truecrypt container. E2EE needs to be explicitly supported by Joplin, but local encryption can already be done in many different ways by the user, which is why it's not yet supported.

lau22 sorry but is not like that, just to help if someone read it, I will try to use easy words. The OS features is not sufficient to keep you data secure, even if you put the data in an encrypted partition like truecrypt is not safe, is the same thing if you not use an encrypted partition, why? because the app access your data in plaintext even inside of an encrypted partition. For the "encrypted partition" to work you need to turn off your PC, that's mean "exit/close the encrypted session". Any OS have bigger problem cause is very complex with moving parts, this means any OS can be hacked, and remember the OS is turn it on, it means is inside of the "encrypted session" of the partition, this means I can read everything in plaintext inside of the encrypted partition. Actually anyone can copy/paste the joplin folder and read in plain text your notes, password, settings and images. Let's say you accidentally left your session open for 3-5 minutes, a bad co-worker can copy and paste all your notes into his usb pendrive.

This not happen with standard notes for example, even if a bad people gain access, it can't read your notes, even if can read your notes, it can't delete or modify your notes (Standard notes provide to you with security mechanisms for this)

[Edited by Johxz, July 10]

We've been discussing this at length on the Joplin forum and those are indeed valid points. Having app encryption would provide an additional layer of security. The counter point to that of course if that if you leave your computer on, what's stopping people from installing a keylogger or other malware which will easily go around any security of your apps?

That's why this feature hasn't been implemented yet. It requires quite a bit of work and in fact it won't help much if someone has physical access to your device. It's true that it would slow them down, which I guess is better than nothing.


Joplin Activity Log