Yeah I was actually thinking of the batch script, and the encryption wasnt really an important part.
Batch script is looking like the best option for me. Only problem is I dont know how to write batch/powershell scripts 
Should hopefully be simple enough though.
Thanks everyone for the help.
If I end up getting/writing the script though ill make sure to post it here.
I use NextDNS (which is like pi-hole in the cloud). It should allow complete protection of any Android, Windows or linux device. You could blacklist any destination joplin called. Furthermore, I don't understand why a real firewall would have any difficulty setting rules for specific devices.
What firewall do you use?
Yeah, but if the computer itself is compromised, wouldn't it be the same if Joplin offered some kind of an internal mechanism to decrypt the notes on the fly? The decrypted content would still need to be stored somewhere. Even if it's non-permanent storage, e.g. RAM, a malicious actor would surely be able to grab the data from it anywayβ¦
I think the following link may be of help.
You will need to do the testing yourself, but I'd assume that you may need to block access for the actual joplin.exe executable, and not the main JoplinPortable.exe file. Unless the firewall rules are automatically applied to child processes, which I honestly can't say now without proper testing.
Was just planning on using windows firewall. Im using a portable version as I said before and reset my pc often, so just changing the firewall rules once wont cut it.
Wasn't thinking something so complicated, just just thinking something so simple as a PC just taking a whole copy of whatever is plugged into it, the point was that if one was concerned about contacting a google CDN but was still happy throwing Joplin onto random PCs outside of their control (which it turns out was not the situation anyway) then their priorities were a bit skew-whiff.
See Tinywall on Windows. It blocks all apps by default, you can enable the ones you want.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.