Encrypt or not encrypt?

Hi, Joplin community.

Joplin is an amazing Evernote alternative I seek for a long time.
Using Evernote for many years I still more and more afraid of losing my huge collection of knowledge in case they decide to cancel my account or the whole service at all.

I really appreciate your effort and now I’m migrating my 3800+ notes including about 1.5GB of images (the majority of my notes are web clips).

Now I’m in the phase to decide to encrypt or not to encrypt.

At first sight, the answer is easy - always encrypt.

But the encryption solves data protection just on remote synchronization storage, not for local copy.

Enabling encryption, all my images in resources directory are encrypted while keeping an unencrypted copy as well. The size of the encrypted image is about 1.5-1.8x bigger than the original one.

resources directory now occupies 4GB instead of previous 1.5GB.
When I decide to use filesystem for synchronization, it requires another (about) 2.5 GB for sync directory.

6.5GB of required space for 1.5GB of data is not a big deal on my home PC but definitely an issue on my mobile phone.

I will use my private virtual server as sync repository, synchronization itself will use TLS on the network.

As the ratio between the confidentiality level of my notes (almost nothing confidential) and the probability of unwanted reading disk of my virtual server is acceptable low for me,
I have decided to not use Joplin encryption.

Did I miss something important why I should stay with Joplin encryption or not?

Many thanks.

1 Like

At this point, if you have so much data, it’s indeed probably better not to use encryption just yet, especially if you don’t have any sensitive data in there.

There are changes coming in that might help handle your data:

  • An option to download resources only on demand. It’s mainly useful on mobile as it means you’ll have your note, but you only download the resources as needed. In your case, it will save about 4GB on your phone.

  • Maybe something to clean up the .crypted files left behind. Originally I left them there because they can be occasionally (but rarely) useful. So a future update will probably have these files cleaned up, which again in your case will save a lot of data.

Once this is in, it might make sense for you to turn on E2EE (following the guide on https://joplinapp.org/e2ee/)


Hi, @laurent

Currently, to get rid of Evernote as fast as possible, will go by non-encrypted way.
After the improvements you described, I will consider the encryption later.

Many thanks.

Since I’m using my own cloud system on my own server (with full disk encryption), I’m not encrypting the data. IMO encryption would only make sense, if you used a public cloud service or WebDAV server which is not under your control. But that’s just my opinion.

1 Like

Hi, @tessus.

I have the same feeling. Just want to be sure I didn’t miss some area.

Do you have the machine physically at home (or at work, whatever)? Or is it some shared hosting/cloud scenario, where you have the machine under your control?

I seek for Evernote replacement.
The kind of data I was willing to share with Evernote I can store on my virtual server hosted by somebody.
The level of data confidentiality and level of risk that somebody access my data is in balance for me.

1 Like

I have a physical server at a datacenter. Shared host/cloud is not secure at all. As soon as someone has access to the hypervisor all data (this includes encrypted data) is compromised. The cloud or shared host provider always has access to the hypervisor.
It is very easy to create a mem dump from a VM and retrieve keys and passwords.

1 Like

That's why I'd asked. :slight_smile:

hii tessus,

if you don’t encrypt but u sync to your own cloud system, will the unencrypted note of your also have to go thru internet then to your private cloud server ?

then you unencrypted data is also exposed to whatever that might be lurking around in the cloud.

i was assuming you sync your data when you are not at home or by ur personal cloud server.

I am sorry, but I don’t understand what you are saying. I don’t use a cloud based service (a VM that can be accessed via a hypervisor), but a bare metal server in a data center.

My transport is encrypted by TLS 1.3, so good luck cracking that forward secrecy. So my data is nowhere unencrypted except the mounted filesystem on my server, which no-one has access to. The data center owners have physical access to the machine, but they can’t really do anything. I removed USB and some other useless crap from the kernel…

So, there’s no way to expose unencrypted data, unless one is using http, in which case they should stop talking about security and probably never, ever touch a computer again.

1 Like

I am also wondering whether to encrypt or not, and based on the comments in this thread I don't think it is necessary for me for two reasons:

  1. I use a home server that's located in my house with full disk encryption, therefore the data at rest is already encrypted.
  2. I sync via a secure WebDAV link i.e. I use a TLS certificate and my WebDAV URL is https://restofurl, therefore the data in transit is already encrypted.

Is that an accurate summary of this thread?

Yes, in this case you can do without encryption.

Encryption mainly makes sense with public hosted cloud providers.

Yes that's correct, in that case you don't need E2EE because the server is physically at home, and data is encrypted in transit. Encryption is useful mostly when the data is sent to a third party server, like Dropbox or OneDrive, or a VPS hosted by a third-party.

Hi, @laurent ! Please tell me, as a newbie, what is the principle of encryption in Joplin. On my Mac, I can see unencrypted files: images, PDFs, etc. in the ./resources folder. When I search by extension on the server, in the NextCloud, I can't find images or documents. Does this mean that all my files are encrypted on the cloud and are safe in case a hacker gets access to the server?

Correct, the local data are unencrypted and those in the synctarget are encrypted.

Thank you!