PrivateNote
Sign Up Login

Overview

PrivateNote is a side project made by me, Alex L.

I built PrivateNote because I was using a mainstream note-taking application, which aren't end-to-end encrypted, and I wanted my notes to be end-to-end encrypted. I care about end-to-end encryption for privacy reasons, in particular because of the below two scenarios:

Security

PrivateNote is built with React. Password-based OpenPGP.js encryption is used to encrypt notes.

Password-based encryption works in the following way:

  1. A scrypt hash of your raw password is taken. This hash is used to encrypt notes.
  2. A scrypt hash of your first scrypt hash is taken. This second hash is used for password authentication with the PrivateNote server. Meaning, PrivateNote never knows your raw password nor the hash used to encrypt your notes.

IMPORTANT: I live in the United States of America, which poses a non-technical security vulnerability. The United States government could choose to FISA Warrant me, requiring me to turn over a user's encrypted notes. I would be required by law to forego announcing the FISA warrant. At the time of this writing, November 4, 2019, I have not received a FISA warrant.

Open Source

I would like to open-source PrivateNote, but I just haven't gotten around to it yet. If you are hoping to read PrivateNote's source, please contact me (my email address is in the footer).

Future Improvements

One day I hope to:

Will I ever charge for PrivateNote?

There will always be a free plan with 5 megabytes of storage. If PrivateNote ever becomes popular, I may have no choice but to start charging to cover my costs. I do not intend to profit on PrivateNote. I believe privacy should be a right to all humans. The purpose of PrivateNote is to help as many humans as possible have privacy online.