Usage *without* encryption about mininote HOT 5 OPEN

I've installed the Mailvelope add-on and created a new notebook (pw:1234 with 1234 as passwort) in the demo as an example and a note called secret.txt which should be safely encrypted, even though everyone can open it.

from mininote.

Hi @espressoelf! I see the issue that not everyone might want encryption. However, I'd still like to have it included as a built-in feature. Using third-party browser plug-ins is too much of a hassle for the average user. I could imagine a solution where encryption can optionally be turned off by the server admin using a feature flag in the config. PRs are welcome!

from mininote.

That's understandable, users want a simple solution and not another bloated complete solution for every problem. I still think the current solution is more or less a placebo, protecting a leaked db at most. I'll try to read more into the code and see if I can add something. I'll create a PR when I'm able to. Until then, I'll leave this as suggestion and also as hint for users looking for other ways to encrypt their text without trusting the server.

Feel free to close this for now if you want :)

from mininote.

Actually, considering the issue described in #73, I think the option to disable encryption (globally for the whole instance) would be helpful after all. I'll have a look once I get to it.

from mininote.

I still think the current solution is more or less a placebo, protecting a leaked db at most.

Quick comment on that. The current type of encryption is more than just encryption at rest. It's in fact end-to-end encryption, but, admittedly, with the caveats mentioned at https://github.com/muety/mininote#-encryption.

We might actually get rid of the password entirely, which would drastically improve security in a way that there wouldn't be a need to trust the server admin to not use modified code anymore. I created #74.

from mininote.