Implement local encryption through key creation
J
Jeff
Now that apple have removed ADP in the UK, all NotePlan notes will soon be visible to the Apple, the UK state (and by extension other allies) and other bad actors, without notification to the end user. NotePlan could provide encryption to users by generating a key on one device and then entering this on other devices to allow them to encrypt/decrypt. This could be done via a QR code for ease-of-transfer. By each device using the same encryption key at rest, effective E2E protection would be offered.
Dave
https://noteplan.canny.io/general-feature-request/p/e2e-encryption
Eduard Metzger
The option in the Labs setting should still work with or without ADP. ADP doesn't affect CloudKit syncing anyways as far as I understand it, only iCloud
Drive
and other servicesJ
Jeff
Eduard Metzger
My understanding is that Cloudkit assets are only E2E encrypted if ADP is enabled, otherwise they are encrypted in-transit and at-rest using apple-side encryption. This means that for UK NotePlan users, all notes would be accessible to Apple and the UK government once ADP is phased out. The penultimate paragraph here: https://support.apple.com/en-gb/102651 seems to confirm this.
It would be great to know if there is other developer information that says otherwise, or if there could be a lab feature to encrypt with a key-pair generated by the user.
Love NotePlan, honestly the perfect app in so many ways! Would be amazing if it could continue to offer E2E for UK users.
Eduard Metzger
Jeff Thanks for sharing this article, didn't see it before. Then it confirms it, it's not E2E with ADP off.