How do you store your family’s sensitive information online securely? How do you ensure that notes taken from the board meeting are kept safe and confidential?

^{Image by StartupStockPhotos from Pixabay}

The answer, it turns out, lies in open-source, multiplatform, and decentralized online notebooks.

Before giving you a better solution, let me back up a minute.

For a couple of days now, I’ve been having a heated conversation with my spouse about storing our sensitive passwords and other account credentials online in a note app. Online platforms allow us to access our accounts information while we are both on the go, and a more accessible interface to maneuver through. We need an easy-to-use app that we can view and update while picking up the kids or waiting in line at the bank. Our conversation was something of the sort;

“Whew, can our confidential data be stored securely and still have easy access to it daily?”

“What about our phones or tablets?”

“It’s okay, but that would mean that we remind each other of the change if there is an alteration in our password. And what if the phone gets lost, don’t you think it will be unsafe? Maybe we can try an online notebook like Google docs or Evernote, or what do you think?”

“Mmmm, sure, but you do know those companies have fulltime access to your data, right? “

“Yes, I do, but would they? Why would they do that, and yet they are there to provide safety for our information that we consider confidential?”

“They most definitely would. Besides, even if they fail to, why risk such exposure if you value the privacy of your information?”

“So what do we use that is private, something that can synchronize on our phones and computers, and won’t be seen by snooping companies?”

^{Image by Pexels from Pixabay}

Yes, your guess is right, there wasn’t an answer for some time, and we couldn’t find any reliable app from what I’d term as a “confidentiality hunt.” We were both tired of searching for sticky notes that had fallen to the floor or physical notebooks that had been left in the wrong car.

I wanted online tools that only my wife and I could access, and that could be stored and launched from where we chose. I could customize a tool to suit my personal needs and cater to my work as a secretary.

So I researched to find a perfect match for my needs, a real solution that could guarantee confidentiality and serve me with the utmost efficiency.

So, why not simply use OneNote, Google Keep for Work Notes or may be Evernote?

I hear you saying: “Why don’t you just quit complaining and use OneNote, Google Keep, Evernote, Simple note, and so forth, right?

Well, it’s because you don’t own the companies that offer those tools, nor are you part of them in any way. It means that you can not make the rules and regulations as far as privacy and data protection is concerned. These companies offer a centralized service where they store your data, implying that you are using their tools on their terms. They could see your data.

^{Image by Tumisu from Pixabay}

Sure, you can still use them. Each is a fantastic notes app, and I’ve used many of them for years to capture work notes or collaborate with teams, large or small. But even with global initiatives like GDPR forcing companies to be more transparent, there will always be some level of unwanted access and possible snooping into your data on these tools, whether by humans or intelligent bots. Most of these apps use a security system known as encryption-in-transit and encryption-at-rest to protect your data. The message is encrypted on your device and decrypted on the cloud. The message is encrypted again as it leaves the cloud and decrypted again when it gets to your contact’s device. Even worse, the message doesn’t just go through the cloud storage system, but rather, a log of sensitive information (your data) remains there forever. It allows the service provider with unlimited access to your data at their will. Not only that, but a black hat hacker or an indigence agency could as well use the law to coerce a service provider to hand over all your messages. You probably don’t want and am pretty sure no sane person would also like that. We all need an application that will provide absolute privacy and keep our data secure. The stored notes should be kept safe from your phone, through the cloud, and to the targeted device. This security level is not possible with the kind of security infrastructure laid by most of the apps now available for note-taking.

For instance, the 2018 Facebook/Cambridge Analytica fiasco proved that a centralized system is not the safest option for data protection. It showed how vulnerable you and your data are when stored in a single place.

If are after absolute privacy, then go for applications that give you control

The solution is to store your data as per your terms. You should also have the ability to control where it is stored, who can access it, how you import/export it into other tools.

^{Image by vishnu vijayan from Pixabay}

Therefore, the best tool to solve our dilemma would be BSafes, a tool used for capturing plaint text work notes. BSafes is elegant in its simplicity, an open-source, multiplatform, note-taking tool with end-to-end encryption, using AES-256, so no one can see the data you store in it. It allows using a master passcode to lock down on your data an additional security measure to enhance privacy.

I’ll now give you a brief introduction to BSafes, an epitome of security in note-taking apps.

BSafes: An Open Source Client-Side Encrypted Note Taking App

BSafes is a note-taking application that puts a particular emphasis on privacy and security. It is a cross-platform and, of course, completely open-source. It is a secure note-taking web application for teams and individuals, with end-to-end encryption.

A simple BSafes note page

The core application is free and comes with a free account that synchronizes your data across all the platforms without any limit on the data capacity. (p.s. free during the trial period)

A little emphasis on the security part:

BSafes uses end-to-end encryption. It means that no one except you can read your notes because data conveyed to the server is always encrypted. So, even if a black hat with malicious intentions can access the servers and your data, they will see nothing valuable but pure nonsensical gibberish. Your data can only be decrypted when you log into your account, from where you first download them to your PC (while encrypted), and then decryption follows for you. With BSafes, there should be no more worries about someone else reading your private notes.

BSafes is neat and well-crafted and is worth trying out. To sum up the features, BSafes app offers the following note-taking necessities;

1. End-to-end encryption with AES 256 bits
2. Designed for teams from ground up
3. Team collaboration in a dedicated workspace
4. Searching notes with encrypted tags.
5. Easy to use WYSIWYG rich text editor
6. Photos gallery on a note page
7. Attaching files on a note page. Each file is up to 500MB, up to 100 files on a page.
8. Version controls
9. Compatible with all modern HTML 5 browsers on Windows, Mac, Linux, iOS, and Android.
10. Cost-effective - $2.99 per month account for unlimited members and teams.

256-bit Encryption

Most people see the term 256-bit encryption bundled about all the time, and if we are honest-have absolutely no idea what it means and how strong it is. Once you go beyond the surface-level, “it scrambles data and makes it unreadable,” encryption is an incredibly complicated subject. It’s not a light read. Most of us don’t keep a book about modular exponentiation on the end table beside our beds.

A quick refresher on encryption, in general

When you encrypt something, you are talking about the unencrypted data, called plaintext, and performing an algorithmic function to create a piece of encrypted ciphertext. The algorithm you are using is called cryptography. Except for public keys in asymmetric encryption, you must keep the encryption key’s value secret. The private key associated with that piece of ciphertext is the only practical means of decrypting it.

256-bit encryption is a data/file encryption technique that uses a 256-bit key to encrypt and decrypt data or files. It is one of the most secure encryption methods after 128- and 192- bit encryption and is used in most modern encryption algorithms, protocols, and technologies, including AES and SSL.

256-bit encryption refers to the length of the encryption key used to encrypt a data stream or file. A hacker or cracker will require 2^256 different combinations to break a 256-bit encrypted message, virtually impossible to be broken by even the fastest computers.

How strong is 256-bit encryption

A low-bit key is one with fewer combinations, so it would be relatively easy to crack for a hacker with dedicated computing resources. The larger the key, the harder this becomes exponentially. For example, a 5-bit key has possible combinations; a 6-bit key has 64 combinations; a 7-bit key has 128 combinations, and so forth. The number gets weirdly crazy as you raise the exponential.

The more complex the encryption, the more difficult it becomes for a cybercriminal to reverse-engineer the encryption key and access the data. It does not mean that the codes are uncrackable, but that the time taken to find the right combination would be far too long to ever be feasible in one lifetime, even with powerful supercomputers.

Let’s say a hacker has a computer that can test a billion keys per second, trying to brute all combinations. That means they can break a 30-bit key in just one second. At that speed, though, it will take you a billion seconds (or 34 years) to break a 60-bit key because every 30 bits added makes it a billion times more difficult. A spy agency like the NSA can crack 60-bit keys using supercomputers, but a 90-bit key is a billion times more difficult to crack, and a 120-bit key would be further billion times more difficult to break than that. Most applications used by Windows, Android, and Apple have at least a 128-bit key – the standard encryption algorithm used by the US Government for data encryption.

One can imagine that a 128-bit key, with more than 256, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000, 000 key combination, is exceptionally safe. The same goes for 192, or 256-bit Advanced Encryption Standard recommended for sensitive data and other valuable information.

As Bharat Mistry, a cybersecurity consultant, puts it into perspective, “it would take fifty supercomputers an estimated 3.4 x 1, 038 years to break the commonly used 256-bit encryption key.” And with this type of cyber defense in place, BSafes is quite confident in selling this app as the most secure efficient in the market. As you can imagine, most hackers will be hard-pressed to find time to access your notes.