In the Joplin Encryption help, it is written: "The system is designed to defeat any attempts at surveillance or tampering because no third party can decipher the data being communicated or stored." I just read in other posts on the forum that encryption only works on the cloud data. If the app truly keeps others out of the data from a local device point of view, what would be a good test of this? I've encrypted on the desktop app and on my cell, but it doesn't seem to be keeping a third party who might find my cell phone from reading the data. The Joplin app is a great tool, but I'm not sure it's a close match for me.
It doesn't. End To End Encryption (E2EE) encrypts the data from when it leaves a user's client until it is received by another of the user's clients. So when the note data leaves a client to sync it is protected from interception by both HTTPS (hopefully!) and E2EE. Whilst the data sits on the cloud storage service used for syncing it is still encrypted by E2EE. Basically, when the data is out of the user's direct control it is encrypted.
"communicated or stored" refers to sending the data to a third-party storage service for the purposes of syncing the clients.
That's true but it is only a problem if the phone's owner has chosen to remove the phone's full device encryption and set it to allow access without a PIN or biometric lock.
I believe that you can activate an app lock on the mobile clients but I do not think that there is any encryption (in addition to the devices own security) associated with that.
Thanks, I'd be interested in why the error I forwarded occurred, but I'm okay with what I've already configured, AppLock for cell and My Lockbox for Windows. No need to spend more time on the issue. -K
AFAIK this tool is only designed to hide certain folders, not to encrypt them. In order to achieve the same level of security that you have on an encrypted phone, full disk encryption is a prerequisite. Tools like Bitlocker and Veracrypt can do this on Windows.
