I will never use a non self-hosted notes service. I think it’s ridiculous. You can never fully trust such a system and it’s unnecessary power usage (DNS, all the middlemen, the server, its office etc).
Private. None of your data is ever stored anywhere else other than on your computers. There is no central server that might be compromised, legally or illegally.
Encrypted. All communication is secured using TLS. The encryption used includes perfect forward secrecy to prevent any eavesdropper from ever gaining access to your data.
Authenticated. Every device is identified by a strong cryptographic certificate. Only devices you have explicitly allowed can connect to your other devices.
If you have a security concern, please see the security page for details and contact information.
Open
Open Protocol. The protocol is a documented specification — no hidden magic.
Open Source. All source code is available on GitHub — what you see is what you get, there is no hidden funny business.
Open Development. Any bugs found are immediately visible for anyone to browse — no hidden flaws.
Open Discourse. Development and usage is always open for discussion.
Easy to Use
Powerful. Synchronize as many folders as you need with different people or just between your own devices.
Portable. Configure and monitor Syncthing via a responsive and powerful interface accessible via your browser. Works on macOS, Windows, Linux, FreeBSD, Solaris, OpenBSD, and many others. Run it on your desktop computers and synchronize them with your server for backup.
Simple. Syncthing doesn’t need IP addresses or advanced configuration: it just works, over LAN and over the Internet. Every machine is identified by an ID. Give your ID to your friends, share a folder and watch: UPnP will do if you don’t want to port forward or you don’t know how.
Security is one of the primary project goals. This means that it should not be possible for an attacker to join a cluster uninvited, and it should not be possible to extract private information from intercepted traffic. Currently this is implemented as follows.
All device to device traffic is protected by TLS. To prevent uninvited devices from joining a cluster, the certificate fingerprint of each device is compared to a preset list of acceptable devices at connection establishment. The fingerprint is computed as the SHA-256 hash of the certificate and displayed in a human-friendly encoding, called Device ID…
Relay Connections
When relaying is enabled, Syncthing will look up the pool of public relays and establish a connection to one of them (the best, based on an internal heuristic). The selected relay server will learn the connecting device’s device ID. Relay servers can be run by anyone in the general public. Relaying defaults to on. Syncthing can be configured to disable relaying, or only use specific relays.
If a relay connections is required between two devices, the relay will learn the other device’s device ID as well.
Any data exchanged between the two devices is encrypted as usual and not subject to inspection by the relay.
Web GUI
If the web GUI is accessible, it exposes the device as running Syncthing. The web GUI defaults to being reachable from the local host only.
In Short
Parties doing surveillance on your network (whether that be corporate IT, the NSA or someone else) will be able to see that you use Syncthing, and your device IDs are OK to share anyway, but the actual transmitted data is protected as well as we can. Knowing your device ID can expose your IP address, using global discovery.
Protecting your Syncthing keys and identity
Anyone who can access the Syncthing TLS keys and config file on your device can impersonate your device, connect to your peers, and then have access to your synced files. Here are some general principles to protect your files:
If a device of yours is lost, make sure to revoke its access from your other devices.
If you’re syncing confidential data on an encrypted disk to guard against device theft, put the Syncthing config folder on the same encrypted disk to avoid leaking keys and metadata. Or, use whole disk encryption.
I don’t know of any particular security audits off the top of my head, but I know of a lot of very intelligent computer people who think Syncthing is reasonably trustable (as far as you can trust computers…).
Yes I know they can hack your home server but hey you can make it LAN only right?
Yes, Syncthing does not require internet just a local network, you can build a cabin in the middle of Alaska with no reception of any kind, hook up a solar panel, plug in a router, connect computers and phones with Syncthing software on them and BOOM you are in business. The devices will likely just show up as nearby device_ids that you can just click on in the web gui interface. It is enragingly simple given how obtuse, incompatible or insecure most other alternatives are.
quoted from https://syncthing.net/
Private & Secure
Private. None of your data is ever stored anywhere else other than on your computers. There is no central server that might be compromised, legally or illegally.
Encrypted. All communication is secured using TLS. The encryption used includes perfect forward secrecy to prevent any eavesdropper from ever gaining access to your data.
Authenticated. Every device is identified by a strong cryptographic certificate. Only devices you have explicitly allowed can connect to your other devices.
If you have a security concern, please see the security page for details and contact information.
Open
Open Protocol. The protocol is a documented specification — no hidden magic.
Open Source. All source code is available on GitHub — what you see is what you get, there is no hidden funny business.
Open Development. Any bugs found are immediately visible for anyone to browse — no hidden flaws.
Open Discourse. Development and usage is always open for discussion.
Easy to Use
Powerful. Synchronize as many folders as you need with different people or just between your own devices.
Portable. Configure and monitor Syncthing via a responsive and powerful interface accessible via your browser. Works on macOS, Windows, Linux, FreeBSD, Solaris, OpenBSD, and many others. Run it on your desktop computers and synchronize them with your server for backup.
Simple. Syncthing doesn’t need IP addresses or advanced configuration: it just works, over LAN and over the Internet. Every machine is identified by an ID. Give your ID to your friends, share a folder and watch: UPnP will do if you don’t want to port forward or you don’t know how.
Listen it’s just my personal position that I want to OWN my notes completely and without exceptions. And about the security:
Are there any independent studies on the forward secrecy?
If 1 is false, how about bad actor attacks? Yes I know they can hack your home server but hey you can make it LAN only right?
EDIT: Imagine downvoting personal preferences
quoted from here https://docs.syncthing.net/users/security.html
Security Principles
Security is one of the primary project goals. This means that it should not be possible for an attacker to join a cluster uninvited, and it should not be possible to extract private information from intercepted traffic. Currently this is implemented as follows.
All device to device traffic is protected by TLS. To prevent uninvited devices from joining a cluster, the certificate fingerprint of each device is compared to a preset list of acceptable devices at connection establishment. The fingerprint is computed as the SHA-256 hash of the certificate and displayed in a human-friendly encoding, called Device ID…
Relay Connections
When relaying is enabled, Syncthing will look up the pool of public relays and establish a connection to one of them (the best, based on an internal heuristic). The selected relay server will learn the connecting device’s device ID. Relay servers can be run by anyone in the general public. Relaying defaults to on. Syncthing can be configured to disable relaying, or only use specific relays.
If a relay connections is required between two devices, the relay will learn the other device’s device ID as well.
Any data exchanged between the two devices is encrypted as usual and not subject to inspection by the relay.
Web GUI
If the web GUI is accessible, it exposes the device as running Syncthing. The web GUI defaults to being reachable from the local host only.
In Short
Parties doing surveillance on your network (whether that be corporate IT, the NSA or someone else) will be able to see that you use Syncthing, and your device IDs are OK to share anyway, but the actual transmitted data is protected as well as we can. Knowing your device ID can expose your IP address, using global discovery.
Protecting your Syncthing keys and identity
Anyone who can access the Syncthing TLS keys and config file on your device can impersonate your device, connect to your peers, and then have access to your synced files. Here are some general principles to protect your files:
If a device of yours is lost, make sure to revoke its access from your other devices.
If you’re syncing confidential data on an encrypted disk to guard against device theft, put the Syncthing config folder on the same encrypted disk to avoid leaking keys and metadata. Or, use whole disk encryption.
^ quoted from here https://docs.syncthing.net/users/security.html
I don’t know of any particular security audits off the top of my head, but I know of a lot of very intelligent computer people who think Syncthing is reasonably trustable (as far as you can trust computers…).
Yes, Syncthing does not require internet just a local network, you can build a cabin in the middle of Alaska with no reception of any kind, hook up a solar panel, plug in a router, connect computers and phones with Syncthing software on them and BOOM you are in business. The devices will likely just show up as nearby device_ids that you can just click on in the web gui interface. It is enragingly simple given how obtuse, incompatible or insecure most other alternatives are.