A few weeks ago I built a little web application to store notes, which encrypts your notes in the browser and stores them in the cloud (yeah, I hate that term). The idea was that even if the server was compromised, nobody could read the notes without a password.
From the server logs it looks like a few people at least are actively using it, even though there is a big warning saying it is for testing only. No idea for what of course, because even in the admin all I can see is a string of random characters.
This is how notes are stored in the database.
I've jumped straight to version 1.0.0 with the latest release, since it has been running quite happily for quite some time with no issues. It's still 'use at your own risk', but it is such a simple application that there is so little to go wrong. continue reading…