Requesting encryption of local Joplin data (at rest encryption)

This is a very contentious point on the Joplin forums, mostly because it comes up so often and there is rarely (if ever) and new arguments/information presented. I'd like to remind everyone in this thread to act in good faith and please try to refrain from making accusations.

With that said, there was a thread 10 days ago that provides a few counter points that you may be interested in. It may also serve to help you kickoff a new search direction, I promise you this topic has come up more than twice...

The stance of the Joplin project (from what I've seen), is that the security conscious individual, which should include everyone, would be better served by using full disc encryption or at least use an encrypted home directory. Full disc encryption is obviously the ideal as it encrypts all Joplin data and all other user data. If this isn't possible, using veracrypt is the next best thing.

To specifically comment on your suggestion to use SQLCipher and provide context, that would work well for the notes, but Joplin resources are stored as files in the resources directory, so any solution for Joplin will need to include these as well.

Edit: you may also be interested in the results of an external security audit from last year.

And just to finish off with a little bit of levity. I present the ultimate hacking scenario