this post was submitted on 30 Apr 2024
71 points (100.0% liked)
Open Source
31406 readers
63 users here now
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Useful Links
- Open Source Initiative
- Free Software Foundation
- Electronic Frontier Foundation
- Software Freedom Conservancy
- It's FOSS
- Android FOSS Apps Megathread
Rules
- Posts must be relevant to the open source ideology
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon from opensource.org, but we are not affiliated with them.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I know it will get downvoted to oblivion but the OP asked so whatever. I only use a simple txt or html text/notes editor sometimes (on both mobile and desktop). Other than that I use paper or don't make notes at all. When I need to back them up or access them on another device, I just use a USB cable because Bluetooth doesn't work on my machine for some reason
I used todo.txt in this way for years, but unfortunately it's a dead format/spec, maintainers are all gone.
Yeah seriously I can’t believe you have the nerve to waltz into this thread and just plop a stinky plain txt turd into our nice punchbowl of needlessly overcomplicated organizational systems and tooling.
/s
Also I talked about SyncThing elsewhere on the thread in my annoyingly long comment so I won’t repeat it all, but you will never sync or transfer files between computers & phones any other way than Syncthing once you see the light I promise (I mean unless you are regularly moving 100s of gigs lol). Syncthing is slick as fuck and it just does what it does no bullshit. The web browser UI has a damn QR code reader utility so if your computer/phone has an attached camera you don't even have to text/email a long key or manually type it out.
https://syncthing.net/
I will never use a non self-hosted notes service. I think it's ridiculous. You can never fully trust such a system and it's unnecessary power usage (DNS, all the middlemen, the server, its office etc). You can encrypt the files before sending them to a third party service but ehh that's additional steps and good luck recovering the files in case you lose the key. And I don't really have quite the amount of money, time and neural cells for a home server so I prefer my way. No offends against syncing though. It has its advantages but ONLY if it's self-hosted. And tbh I'm just too old school for your unnecessarily overcomplicated syncing stuff. Analog items ftw.
quoted from https://syncthing.net/
Private & Secure
Private. None of your data is ever stored anywhere else other than on your computers. There is no central server that might be compromised, legally or illegally.
Encrypted. All communication is secured using TLS. The encryption used includes perfect forward secrecy to prevent any eavesdropper from ever gaining access to your data.
Authenticated. Every device is identified by a strong cryptographic certificate. Only devices you have explicitly allowed can connect to your other devices.
If you have a security concern, please see the security page for details and contact information.
Open
Open Protocol. The protocol is a documented specification — no hidden magic.
Open Source. All source code is available on GitHub — what you see is what you get, there is no hidden funny business.
Open Development. Any bugs found are immediately visible for anyone to browse — no hidden flaws.
Open Discourse. Development and usage is always open for discussion.
Easy to Use
Powerful. Synchronize as many folders as you need with different people or just between your own devices.
Portable. Configure and monitor Syncthing via a responsive and powerful interface accessible via your browser. Works on macOS, Windows, Linux, FreeBSD, Solaris, OpenBSD, and many others. Run it on your desktop computers and synchronize them with your server for backup.
Simple. Syncthing doesn’t need IP addresses or advanced configuration: it just works, over LAN and over the Internet. Every machine is identified by an ID. Give your ID to your friends, share a folder and watch: UPnP will do if you don’t want to port forward or you don’t know how.
Listen it's just my personal position that I want to OWN my notes completely and without exceptions. And about the security:
Are there any independent studies on the forward secrecy?
If 1 is false, how about bad actor attacks? Yes I know they can hack your home server but hey you can make it LAN only right?
EDIT: Imagine downvoting personal preferences
quoted from here https://docs.syncthing.net/users/security.html
Security Principles
Security is one of the primary project goals. This means that it should not be possible for an attacker to join a cluster uninvited, and it should not be possible to extract private information from intercepted traffic. Currently this is implemented as follows.
All device to device traffic is protected by TLS. To prevent uninvited devices from joining a cluster, the certificate fingerprint of each device is compared to a preset list of acceptable devices at connection establishment. The fingerprint is computed as the SHA-256 hash of the certificate and displayed in a human-friendly encoding, called Device ID....
Relay Connections
When relaying is enabled, Syncthing will look up the pool of public relays and establish a connection to one of them (the best, based on an internal heuristic). The selected relay server will learn the connecting device’s device ID. Relay servers can be run by anyone in the general public. Relaying defaults to on. Syncthing can be configured to disable relaying, or only use specific relays.
If a relay connections is required between two devices, the relay will learn the other device’s device ID as well.
Any data exchanged between the two devices is encrypted as usual and not subject to inspection by the relay.
Web GUI
If the web GUI is accessible, it exposes the device as running Syncthing. The web GUI defaults to being reachable from the local host only.
In Short
Parties doing surveillance on your network (whether that be corporate IT, the NSA or someone else) will be able to see that you use Syncthing, and your device IDs are OK to share anyway, but the actual transmitted data is protected as well as we can. Knowing your device ID can expose your IP address, using global discovery.
Protecting your Syncthing keys and identity
Anyone who can access the Syncthing TLS keys and config file on your device can impersonate your device, connect to your peers, and then have access to your synced files. Here are some general principles to protect your files:
If a device of yours is lost, make sure to revoke its access from your other devices.
If you’re syncing confidential data on an encrypted disk to guard against device theft, put the Syncthing config folder on the same encrypted disk to avoid leaking keys and metadata. Or, use whole disk encryption.
^ quoted from here https://docs.syncthing.net/users/security.html
I don't know of any particular security audits off the top of my head, but I know of a lot of very intelligent computer people who think Syncthing is reasonably trustable (as far as you can trust computers....).
Yes, Syncthing does not require internet just a local network, you can build a cabin in the middle of Alaska with no reception of any kind, hook up a solar panel, plug in a router, connect computers and phones with Syncthing software on them and BOOM you are in business. The devices will likely just show up as nearby device_ids that you can just click on in the web gui interface. It is enragingly simple given how obtuse, incompatible or insecure most other alternatives are.
Syncthing is entirely self-hosted and end to end encrypted. Data only lives on your machines.
As I said in one of the replies, I do not have the money, time and neural cells for my own server
I agree, if it works for you - good for you! Also, thank you for sharing, nevertheless it is interesting to read about different approaches.
That's your prefered way of doing things, I dunno why someone would downvote :/ except for the lulz...
As long as it works for you, it's only a win situation !!
Didn't expect to see a non-toxic person on Lemmy so fast. Get my upvote and have a very good day
I can do better than that by using *.csv files on a desktop machine, and I'm squeamish about taking them mobile. so I don't have to deal with sync'ing them.