Homepage    |    GitHub    |    API    |    FAQ

Safe (offline) notes - for nerds like me

I have a few notes in Joplin, which I don't like getting uploaded anywhere, or on an unencrypted drive. So how do I do this ?

  • in settings note history is always turned off
  • one notebook holds all such notes - let's call it s-book
  • usually they reside in a separate JEX container on a safe (encrypted) drive (not in Joplin)
  • when I need to see them or edit them here is what I do - just a few steps:
  • go offline
  • import this JEX into my Joplin DB
  • view my notes, edit, etc
  • export the s-book back onto the same file location as before
  • delete s-book
  • go online (meaning allow Joplin to sync again)

This is clearly not a carefree, "automated solution", without the risk of making mistakes. But it works for me - it may not work for everybody. For notes which are really "sensitive", I do not use Joplin.

1 Like

What threats does this approach prevent?

bugs in EE2E
bugs in Joplin
bugs in libraries
bugs in updates to any component
...
each one can potentially lead to online notes being exposed, either as not encrypted at all, or with some way to break into it.

Now you might say "who cares", or why would "they" bother ? But if you were a investigative journalist on a hunt, then you wouldn't ask the question. And I am sure there is plenty of other cases, where sb said, this bank is safe.

Have you considered having the notebook in a separate Joplin profile? Especially on windows this is trivial to do with Joplin Portable.
You can keep the entire app and its data in your encrypted container and won't have to fiddle with the settings every time.

Thank you, zblesk. On Mac this ain't as easy. I would have to switch user account every time ....

Well, I'm not sure if it's officially supported, but some clients let you start them with a --profile flag. Try searching the forum, I've never really used it.