Show HN: Mini-Diarium - An encrypted, local, cross-platform journaling app

Posted by holyknight 1 day ago

Show HN: Mini-Diarium - An encrypted, local, cross-platform journaling app(github.com)

129 points | 62 commentspage 2

eviks 21 hours ago|

What are the benefits of cramming everything into an app instead of using better editors in an encrypted container?

junipertea 17 hours ago|

Honest answer: The pain of setting up an encrypted container. This seems simple, single use and immediately ready to use after downloading.

eviks 17 hours ago||

What if the app set up an encrypted container for you in a similar "immediately ready to use after installation" fashion?

spangry 1 day ago||

Looks really cool, I like the pretty but minimalist interface. Could I store the SQlite file on, say, google drive so that I could access my journal from different devices while the contents are still kept secure because they’re encrypted?

holyknight 1 day ago|

Yes, you can definetely can! Currently you can see the location of the .db file on the preferences while your journal is open.

I will improve the experience for this use case in follow up releases, by for example being able to define a arbitrary path for your db file.

Thanks for the feedback!

Obscurity4340 1 day ago||

Why not simply use your password manager like KeePass to store journal entries and notes?

holyknight 11 hours ago|

You certainly can, this is just a different flavor of solving a problem that can be solved in multiple ways.

CafeRacer 1 day ago||

I'm using obsidian and cryfs. Nothing has access to those except a few programs. I'm storing notes, files, documents, whatever is important and everything is synced to the cloud.

bayindirh 1 day ago||

This is the beauty of it. If it works for you it's great. If this new app works for others, then it's great.

That's a good win-win situation.

As a fellow obsidian user, I wouldn't scoff at a simple app which does one thing well.

holyknight 1 day ago||

I also, myself, had a similar setup some time ago; that's super valid.

alabhyajindal 1 day ago||

Here's another approach using Rclone and an editor of your choice. Rclone has a built in crypt library that can encrypt your data and store it in a cloud provider. I use it along with Sublime Text to journal, and store my encrypted data on Dropbox.

More here: https://alabhya.me/rclone

desireco42 1 day ago||

Thank you for sharing this, this is very interesting problem to tackle.

I find this interesting mostly to understand how you are handling encryption and security. I think this is one approach but others expressed concern over long term viability.

Using Tauri is also very interesting. How did you find using it for this simpler case?

Anyhow, very cool project. Don't aband it :)

october8140 1 day ago||

Obsidian.md

holyknight 1 day ago|

yes, that's definitely also a valid approach.

goodpoint 1 day ago||

You can just encrypt your partition and use a file editor.

holyknight 1 day ago|

you can certainly do that, indeed.

drcongo 1 day ago||

How are we pronouncing that name?

holyknight 1 day ago|

It's based on a latin word so it should be not that far from the english pronunciation. It would be something like MIN-ee Dee-AIR-ee-um

saberience 1 day ago|

One major problem, I don't want a journal with unbreakable encryption where I lose all my data if I ever lose the key.

I already pay for a journaling website where I know I can always recover my journals as long as I have access to my Gmail.

So, while I appreciate this security first mindset, for me it actually becomes less interesting. I want my journal to sync to the cloud, I want to be able to unlock it, I don't want to risk losing years of journals if I forget a single key.

duskdozer 1 day ago||

>as long as I have access to my Gmail

I think you should be more cautious about relying on the services of a company like Google that can arbitrarily decide to remove your account data or access. Similar, though the person was fortunate enough to regain access: https://hey.paris/posts/appleid/

You can mitigate hardware failure and data loss, especially for a simple key, but you may not be able to prevent Google from deciding your account is gone one day.

holyknight 1 day ago||

Thanks for the feedback! That point is super valid; that's why I created it with multiple authentication slots in mind (currently, it supports both password and public key authentication) so you can use multiple simultaneously and do not need to rely on one single point of failure.

For example, if you set up a password and a key, you can use your key, and if it gets lost or compromised, you can still log in with the password, remove the old key, and generate a new one.

You can do the same in reverse: just use the password and keep the key in a safe place (like a password manager or a physical USB), and if you lose your password, you can still get access with the key.

Thanks again!

More comments...