Categories
System Admin

Joplin At Rest Encryption With Tomb On Linux

Spooky Graveyard

To Encrypt At Rest Or Not To?

There has been a lot of (passionate) debates on Joplin’s forum about its SQLite 3 database showing everything in clear text.

And by everything, I literally mean “everything”. Including your master encryption password.

Now, my intention here isn’t to fuel another debate. Joplin passed several security audits. Long story short: if you want your computer to remain safe (as much as possible), encrypt your whole hard-drive.

This is indeed a best practice.

Instead of discussing whether or not Joplin should encrypt its database, I’ll share the additional layer of security I laid out on my Linux machines using tomb.

By the way, if you have no idea what I’m talking about (what the hell is Joplin?), I suggest you read my previous post: From Evernote To Joplin.

Categories
Miscellaneous

From Evernote To Joplin

Joplin's Application Icon
Joplin’s Application Icon

I recently came across Joplin.

Simply put, Joplin is a free open source replacement for Evernote.

I’m an Evernote subscriber. However, I don’t use it that much. And I don’t have that many notes.

Let me be clear: Evernote offers a brilliant service, there is no denying that, it’s absolutely great and super convenient. But, in my case, for less than a 100 notes, I’m not fully convinced it’s worth the price.

Furthermore, Joplin has a few “punchy” arguments to put in a fair fight:

  • It’s free and open source (I know, I already said that, but it’s important).
  • It’s cross-platform (nodejs to the core). There are apps for Windows, MacOS, Linux, Android, and iOS. There is even an app to use it on the command line (Vim style)!
  • It works locally (no need for an internet connection), but enables synchronization with remote sharing services. Thus Yes! It can sync your notes across devices (using the WebDAV protocol).
  • It supports end-to-end encryption with zero knowledge: notes are encrypted locally before being transferred.
  • It integrates fully with Nextcloud!

Honestly, if the first few arguments weren’t enough, although I was definitely intrigued, the last 2 won me on the spot.

So let’s have a look at the beast.