
So you want an app password

There was a post I was going to reply to but @tessus locked it

I am not a developer just a user and these opinions are mine alone.

Being FOSS does not make an application secure. I trust Joplin not to be naughty with my data but that is based on the sensitivity of the data I store. Being FOSS means that you or your Data Security team can examine the code to ensure that it is suitable for the data to be stored. It also means that instead of accepting the pre-built application download you can build it yourself, safe in the knowledge that the code in the application is as published. But it’s the features an application has, as well as the underlying operating system, that need to be considered. In my previous employment Joplin would not have passed scrutiny because it has the ability to sync over the Internet. Even though you need not use it, the fact that it was there would not have been acceptable. Also, running a mobile application on any OS that had something like Google services running on it would have prevented its implementation.

If anyone thinking about mobile app locks would search this forum for “app lock”, “password lock” or similar, they would see many posts about it. The main argument against this is that if your device is not intrinsically secure, no password / fingerprint lock is going to help. A Cellebrite UFED will happily read your data regardless. For a UFED a password lock is an inconvenience, not a barrier. Then, when your data is travelling over the Internet, it actually has decent protection. But when it lands at the sync target you are at the mercy of whoever runs the cloud service. Joplin provides End to End Encryption (E2EE) but, in my opinion, that should only be considered as suitable for preventing cloud storage providers from snooping on your data to target you with ads. If you have really sensitive data you should not be storing it on a public cloud service, i.e. on something you do not control.

Personally I feel that Joplin’s approach is one of the most realistic and mature out there. It does not make any spurious claims, and basically says your whole device security (mobile or desktop) as well as your IT security policy is more important than individual app security. And that is something you need to deal with…

5 Likes

Yep, I locked the topic, because there are at least 5 topics open with the same request and it will end up in the same discussions as before.

3 Likes

Totally agree. I just felt the need to make it clear why I thought that these app lock requests were rather pointless. I have never been a programmer but I have been a digital forensic / data recovery technician, and app locks may make the user feel secure, but that’s about it… It’s a feeling only…

3 Likes

To design something secure is extremely complicated. It’s a different job from designing and coding the application.
You can expect high-quality security code from the vendor with a paid product.
In this case, we have few people willing to spend their free time writing the application to be as good as possible.
Therefore I have suggested in previous threads to use an app locking feature written by somebody else.
App locking is often part of the mobile OS (my Android has it) or could be provided by a 3rd party app.

And this app should be written by somebody focused on security and should be really secure.

Use the “Unix approach” - do one thing but do it the best way.

Does your phone support fingerprint unlock? Great, you don’t need to chase Joplin coders to implement it, you have it already.
Do you want to unlock by selfie-camera? Great, your mobile knows how to do it already, you don’t need to wait until Joplin coders implement it…

I haven’t read previous discussions on this. But for me, a pass would be useful, just in case I want to lend the phone to someone, like a colleague or a kid. I kind of trust them, but not with every app on the phone (or computer). It’s not to protect from masterminds and supercomputers.

1 Like

You should have, in which case you would have read that there are either apps that do exactly that, or that there are built-in profiles, even guest accounts, on phones.
See, this was the reason for locking the other topic in the first place.

1 Like