[Moved to blog.standardnotes.org] Notes on privacy, simplicity, and sustainable development.

The 120 Day Update

A little bit of sunshine has graced us this week, and after a few months of heavy bunkering in our winter den, we emerge energized and with news. Here are things we've released or have been working on over the last 120 days:

  1. The all-new 3.0 mobile app for iOS and Android
    It's fully redesigned, and really fast. We switched from React Native Navigation to React Navigation, and the app feels much more stable and smooth. We still believe React Native is the way to go, and we now share a single core JavaScript library that encapsulates all encryption and item management across our entire suite of applications, which is a dream for sustainable development.

  2. The 3.0 desktop/web update
    It features a much cleaner UI, especially with themes and editors. We've also made some optimizations that lead to a roughly 30% increase in initial startup performance. Simple, but smart optimizations, like prioritizing loading of preferences before notes so that the proper sort order is set before notes start populating, and loading most recently modified items first, before any older items. The result is simple but drastic.

  3. Secure Spreadsheets Editor
    Yes—spreadsheets inside the comfort and privacy of Standard Notes. And it's really wonderful, with formatting, merging, formulas, currencies, and more. Excellent for small financial worksheets, like cryptocurrency tracking.

  4. FileSend, a simple and secure way to share encrypted files
    Files are deleted immediately after the recipient downloads them, or after a specified duration. Extended members get some extra power features, like email confirmation when their file is downloaded. It's also completely open-source, so feel free to self-host to get your own personal file-sharing portal.

  5. Gifts! 🎁
    You can now gift a Standard Notes Extended subscription to someone else, whether it be a friend or someone in your company. You can also choose whether you'd like the subscription to auto-renew with your payment (defaults to no). If you know someone that can benefit from encrypted writing, a gifted subscription can be an excellent choice.

  6. Extending subscription and changing plans
    On that same note, we've made it easier for Extended members to extend their subscription with extra time. Previously you had to cancel and then renew, but now it's much simpler. This is possible because we've rewritten much of the subscription management to be under our manual control, rather than relying on out-of-the-box solutions from Stripe and PayPal, which provide convenience but low flexibility. If you want to extend your subscription with more time, or change your plan, click the title link above.

  7. Economic Difficulty Discount
    We're also happy to offer a new "economic difficulty" discount, if you so need one. While the need for privacy continues to grow, we're still largely a speciality product, and speciality products need to be selective with their pricing. Ultimately, however, we don't want price to be a factor in whether you use Standard Notes or not. If you truly cannot afford our prices, then get in touch, and let's explore other options. Please note that we will likely be very selective with this as we experiment more with the idea. Any discount we do provide is only subsidized by other paying users, so please be respectful of their time and contribution before you make a request.

  8. Vindication
    I realize that saying Mark Zuckerberg in a privacy-centric email like this is like saying Voldemort at Hogwarts, but one of the largest technology companies in the world announced a new desire to shift towards a more privacy-centric direction. Sham or not, it's some serious validation for privacy enthusiasts who have for decades argued that privacy is the only way forward. And for all of us that have been taking privacy seriously "long before it was cool", it feels good to be on the right side of history.

  9. Why is X feature paid and not free?
    We wrote a post with more thoughts about our revenue model, and alternatives we could have explored. Our life might have been simpler adopting the "Netflix" model of a completely paywalled service, but the "freemium" model has been our fate, and deciding the balance between paid and free is tremendously difficult. We write this post as a general answer to the not too unfamiliar question of "Why is this feature paid and not free?"

  10. "Everyone asks what is SN but no one asks how is SN."
    We're doing great, thanks for asking. Financially, we stand on stable ground. Generally, subscription revenue makes sustainability a much easier topic than if we featured a one-time payment model. We don't think we'll be going anywhere anytime soon, especially with the upward trend of privacy. We're grateful to everyone who believes in us enough to be a paid subscriber. It's really you offering this application to the world, and not us. We're excited to see what the next ten years bring, both in terms of challenging ourselves to keep the application as simple as possible, and yet continuing to innovate in the space of extensibility and data care.

  11. Help support our continued development →
    It's not every day we get a chance to communicate directly with so many of you at once. So, if you cared enough about our updates to read this far, thank you. And quite literally, none of this would be possible without your support. While advertisers might have tried to convince us all otherwise, nothing on the internet is truly free. We realize that saying this is mighty convenient for our own cause, but we do truly believe: pay for software you love. That's the only way it sticks around. If you haven't yet gotten the chance to give Extended a try, feel free to give it a go. We have a special 5-year plan that comes out to $30/year as a sort of fundraising model (#NoIPO). Of course, we only want your money if you're really going to get the most out of all the additional productivity tools Extended offers, so we offer full refunds within 30 days.

This post was sent as an email newsletter to Standard Notes users on March 13, 2019.

Why is X feature paid and not free?

To better answer that question, we'll take a small look back at our history, and alternatives we could have entertained.

In terms of achieving sustainability by collecting payment from our users directly (instead of say, advertisers), two popular models come to mind:

a. The entire product is behind a paywall (the “Netflix” model)

b. Some, but not all, features are behind a paywall (the “freemium” model)

Ideally for us, the entirety of the product would have been a straight-forward "pay to use" interaction. This would translate to 100% payment-supported interactions between us and our users, in terms of both infrastructure and support. However, early on, launching as a fully paid product can be a bit risky. Users need to trust the product in order to pay for it, yet how can they trust something they haven’t used? A free trial perhaps? Maybe, but with something like notes, it may take several months before you feel settled in. The “some but not all” model seemed to be the best fit for our situation.

Physical circumstances aside, and ideologically, we’re a free product that wants to be paid. Long-term sustainability is hard, and without every user contributing their fair share, longevity enters into question. The freemium model is very conducive towards growth and attracting a large number of free users in hopes they become paid users. However, unchecked exponential growth isn’t what we’re after. If the best of the freemium model is hundreds of millions of free users with a seemingly standard industry conversion rate of 5% to paid, this would call on the 5% to support the entirety of infrastructure and support interactions on behalf of the hundred million. It’s quite an awkward balance.

When we get the reaction that two-factor authentication (or a dark theme, or a Markdown editor) should—nay, must—be a free, core feature, our reaction is: well, who’s paying for it? We certainly can’t be the one to subsidize that feature, and neither can our non-existent advertisers. So we look to our paid Extended subscribers. They have to foot the bill, on behalf of everyone else that may not want to pay at all for any feature of Standard Notes.

And this brings us to the most essential challenge of all: we built Standard Notes to be feature-complete without any extensions. That super slimmed down encrypted notes application where you could only write text and sync it to your other devices with no images or files or formatting? That was the entire vision for Standard Notes. But people wanted more. And we needed a revenue model. So we built an extensions infrastructure that extends functionality without jeopardizing maintainability and stability. By nature, these extensions were “nice-to-have”—that is, a large number of our users said, “I don’t utterly need these features—the free version is sufficient.” And so what happens when a large number of people begin saying “the free version is sufficient”? Well, there become not enough people paying to subsidize free users.

We needed to make Extended more essential. More important. Otherwise, this platform couldn’t exist at all. Some users may think, “this feature should be free” or “that feature should come standard”, and so they imagine a world where the perfect notes app comes fully-suited out of the box at no cost. For us, this world is dangerous, and quite simply, cannot exist.

Some may see our nice free application, and think, this would be near perfect, if only it had a dark theme for free! It’s not too uncommon that a negative review might say that exact thing. Such users may, upon seeing a free application with a nice-to-have feature behind a paywall, think ah, so close! Almost within reach! But the money-minded devs put it behind a paywall! The world thus imagined is that a great piece of software or an instrumental feature should be completely free, because the work to build it is one-time and already done. The world imagined is one where beloved advertisers, who have raised us and shaped our beliefs on the internet since its inception, pay the bill and continue to decide what is and isn’t appropriate content. The world they envision is precisely the one we’re trying to change.

So, the answer to the general question of “why is this feature paid?” is that if it weren’t, we wouldn't be here today, and you wouldn’t be asking that question.

The 3.0 Update

Standard Notes 3.0 for desktop and web introduces a more refined experience, combined with quality-of-life improvements that are sure to delight. Here's what's new:

Introducing Privileges.

Privileges allow you to require your account password or local passcode to perform certain actions in the app. Actions include:

  • Download/Import Backups
  • View Protected Notes
  • Delete Notes
  • Manage Extensions
  • Manage Passcode

The key privilege is "View Protected Notes". If you protect a note and enable this privilege, credentials will be required to access/view the note.


3.0 also introduces autolock, which allows you to specify when the app should automatically lock itself if you have a passcode lock. The autolock timer begins when the window loses focus.

Improved Theming

Themes will now look much more consistent, especially across extensions. All Extended themes have also been revamped to look much cleaner and thicker.

Themes are now easier to toggle between using dock shortcuts, which will automatically appear in the bottom right corner when you install or update your themes to the latest version.

(If you experience any issues with theme display, try uninstalling the theme and reinstalling, to ensure that cache is not coming into play.)

Other changes

  • Reverse sort option to sort by date added, modified, and title in reverse.
  • Editor stack extensions (like the Action Bar and FileSafe) can now be quickly toggled using the dock below the editor. Stack extensions are now disabled by default for every note, and can be permanently enabled by toggling the extension for that note.
  • Consistent Windows scrollbars across all extensions and themes.
  • Lock screen will now use last active theme.
  • Expired Extended will now result in extensions being put in read-only mode, rather than seeing a blocking "Expired Extended" screen.
  • Session history and Note history will now display with the note's respective editor, if applicable.
  • Panel resizers will now blend in with the editor UI more when they are collapsed. On Mac, the notes panel and editor panel will also automatically adjust to avoid the window management buttons in the top left.
  • When loading editors and extensions with a dark theme, the white flicker should now be gone for the most part. You may still see it occasionally, due to differences in loading speed from time to time.
  • Extensions that have difficulty loading will now automatically try reloading.

Note to Extended users

Almost every extension was updated as a result of this update (editors, themes, and other extensions like Folders and Quick Tags). With the web app, the latest version of extensions will automatically be used (you may have to explicitly clear your cache). With the desktop app, the extensions should autoupdate. However, if you notice any inconsistency between themes and editors, you may be seeing a cached version. Please be sure to open the Extensions manager and make sure all updates have been applied, then refresh the app.

Encrypt your Dropbox and Google Drive with Standard Notes FileSafe


Users depend on Standard Notes for their most important creations, from notes on projects, to credentials and passwords, to thoughts, ideas, and the entire spectrum of output from their life’s work.

We start with a very simple core experience, offering encryption and easy sync out of the box at no charge so that users around the world can gain a safe place to store their life’s work, without worrying about all the peeping that cloud-based services usually succumb to. With encryption, and particularly end-to-end encryption, only you can decrypt the contents of your notes. Not us, not your ISP, and not even your government can decipher your notes. Total privacy is a requisite for participating in modern digital society, and we’re happy to provide this safe haven of free thought and exploration for everyone around the world.

Today we are happy to announce the release of a new platform that brings the same total privacy you’ve come to expect from Standard Notes for your notes to an even greater aspect of our lives: our personal files. Millions, if not billions, of users today depend on plaintext cloud services like Dropbox and Google Drive to store their most important files—files so important that users place them in the cloud so that they are not lost if something were to happen to their physical device. These plaintext clouds, however, suffer from one main issue: Dropbox, Google, and similar organizations are free to do as they please with this data, because it is not encrypted. Therefore, ownership ultimately lies with these private corporations, and not with you, even if their ever-changing privacy policy seems reassuring.

FileSafe is a new platform by Standard Notes that integrates directly with your day-to-day usage of Standard Notes, and serves as an encryption intermediary between you and your favorite cloud provider. When you use FileSafe, you attach files (images, videos, documents, and any other kind of file) to your individual notes. These files are first encrypted by Standard Notes offline (client-side), then uploaded in their encrypted form to your Dropbox, Google Drive, or WebDAV-compliant server (Nextcloud, ownCloud, Seafile, Synology, and others). This means that the files you upload via Standard Notes to your cloud cannot be peeped on or seen by your cloud provider, thus ensuring that ownership of these files ultimately resides with you (i.e. Google can’t monetize your encrypted files and Dropbox can’t run user studies on them).

Uploaded files can then be downloaded from the FileSafe interface, whereupon encrypted data is retrieved from your cloud provider, decrypted client-side by the Standard Notes FileSafe extension, and then downloaded to your disk.

At no point in this process does unencrypted, plaintext data ever leave the safety of your own computer. With Standard Notes, if it touches a cloud, it’s encrypted.

Because we integrate directly with your cloud provider, we do not instate any storage quotas, other than what may already be instated by your provider. So if you have 1TB of storage available, you’re free to upload as much as you’d like. Note however that due to the browser-based client-side encryption process, individual file uploads are currently limited to 50MB, making it suitable for images, videos, and documents. However, you are free to upload as many 50MB files as you’d like. This limitation is something we hope to improve upon in the future as we explore concepts like file chunking to break apart and encrypt larger files.

FileSafe is available to Extended subscribers. For users who are already subscribed to Extended, you can begin using FileSafe by installing it through the Extensions portal in your web or desktop application. If you’re new to Extended, you can learn more about our extensions program which offers several benefits, like access to powerful editors, themes, daily cloud backups, and more. Learn more about Extended.

If you have any questions, please don’t hesitate to get in touch.

Security Update + Bye-Bye Mailchimp

We have some exciting new progressions for Standard Notes to share:

1. A security update is available.

The Standard Notes server is built on top of an open source framework we develop called Standard File. Unlike typical servers, Standard File is designed to be trustless; that is, even if the server is hacked or compromised, your account and data won't be. Instead, we developed the Standard Notes architecture to trust the application you use on your devices, rather than the server that's beyond your control and out of your sight.

This security update decreases the reliance on a trustworthy server even more, by combining server output with application input to create a healthier balance of trust. If you're interested in the full details, please read the in depth explanation here.

As for you: when you upgrade your desktop application to 2.2 (or use the web app), you'll see a green message in the footer: "Security update available." Please follow that process to upgrade your account to the latest security version.

2. Bye-Bye Mailchimp

This is a big one. We're cutting ties with Mailchimp. And we've taken on the harrowing task of building our own user-messaging email implementation. This email you're reading? This is officially our first Mailchimp-free all-user email :)

Why? We didn't feel right passing on your email to Mailchimp, regardless of the privacy policy they had in place. But, building a custom campaign architecture is a tremendous undertaking, which we could not focus on until very recently, thanks to your support. We're proud to say that our new email system is finally complete and deployed, and your privacy protected by yet another measure.

For a technical overview, please read our blog post:

Bye-Bye Mailchimp →

3. App improvements

Desktop and mobile versions 2.2 are now available, and come with some great under-the-hood improvements. Namely, incremental loading means that your app will now start up much quicker, and allow you to get to work while the rest of your notes are loaded and decrypted in the background.

On mobile, Extended editors will now load much quicker, especially on iOS.

If you have any questions, please don't hesitate to get in touch.

Bye-Bye Mailchimp

Some time ago, a user, in response to an email we sent out to everyone outlining some new app updates, said that he did not feel comfortable with us using Mailchimp to send out newsletters. Privacy is first and foremost on our list of priorities, and this user had a great point. But, if not Mailchimp, how else could we manage to send emails on a large-scale basis? There aren’t really any privacy-focused email services, nor am I even sure what that would look like. The only solution was building our own.

Building our own was something we were reluctant to undertake. Forums on the web speak of the unthinkable dangers involved in managing your own email service. There’s just too much infrastructure that needs to be set in place before one can deploy a functioning mass email system, including handling bounces and complaints. Not to mention the scary aspect of risking a poor deliverability rate if these components are not handled properly.

Challenges and impossibility aside, we had no choice in the matter. Privacy is important, and the fewer dependencies we have on fluctuating third-party privacy policies, the sounder we can sleep at night.

As of June 10, 2018, Standard Notes sends emails completely independent of Mailchimp, including mass emails. We use a custom built architecture on top of SQS and SES, which we share below, that fulfills our simple requirements in ways Mailchimp couldn't.

There are a few components worth mentioning:

Unsubscribe Mechanism

One of the most limiting aspects of Mailchimp, and many other newsletter service providers, is the default unsubscribe mechanism. Out of the box, you only get an “Unsubscribe from all email” option. What if you want to give users the option to unsubscribe from only a certain subset of emails but still receive other important email? You may be able to pull it off in Mailchimp using lists, but it’s unwieldy and difficult to customize.

One of the first things we designed in our system is a new kind of email subscription system that’s easier for both users and company alike to manage.

Each user in our system receives an EmailSubscription object. Each subscription carries a level field, which indicates the level of email this user has indicated they wish to receive. For us, this range is from level 0, which is completely unsubscribed, to level 3, which is the “hear everything we have to say” option.

Each email we send will have two options in the footer:

  • Decrease email level
  • Unsubscribe from all email

When a user clicks either option, they are taken to this page:

Pressing unsubscribe sets their email level to 0, and pressing decrease decrements their existing level. This model makes thinking through subscriptions easier, and makes adjustments feel more natural. From a user perspective, Unsubscribe is traditionally a very permanent action, with no easy way to recover from it.

Using email levels makes changing preferences non-permanent, and a user can quickly go up or down on the levels, depending on what feels right to them. We’ve personally always been a "Level 2" sort of company, sending an email on the order of once every month or two, but a large part of that was probably due to using an inflexible email system.
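An added example (not Standard Notes' code) of the email-level model described above: subscriptions carry a level from 0 (unsubscribed) to 3, the two footer links map to decrease!/unsubscribe!, and each campaign declares the minimum level it requires, so recipient selection is a single comparison. Class and method names are assumptions, not the project's own.

```ruby
# Added example (not Standard Notes' code): the email-level subscription model.
# Level 0 is fully unsubscribed, level 3 is "hear everything we have to say";
# each campaign declares the minimum level a user must have to receive it.
class EmailSubscription
  UNSUBSCRIBED = 0
  MAX_LEVEL = 3
  LEVELS = (UNSUBSCRIBED..MAX_LEVEL)

  attr_reader :email, :level

  def initialize(email, level: MAX_LEVEL)
    raise ArgumentError, "level must be within #{LEVELS}" unless LEVELS.cover?(level)
    @email = email
    @level = level
  end

  # Footer link "Decrease email level": one step down, never below 0.
  def decrease!
    @level -= 1 if @level > UNSUBSCRIBED
    self
  end

  # Footer link "Unsubscribe from all email": straight to level 0.
  def unsubscribe!
    @level = UNSUBSCRIBED
    self
  end

  # Levels are not permanent: a user can step back up from a preferences page.
  def increase!
    @level += 1 if @level < MAX_LEVEL
    self
  end

  # True when this user has opted in far enough to receive a campaign of the
  # given level. Unsubscribed users receive nothing, whatever the campaign.
  def receives?(campaign_level)
    @level > UNSUBSCRIBED && @level >= campaign_level
  end
end

class Campaign
  attr_reader :subject, :level

  # Campaigns must sit at level 1 or above, so an unsubscribed user (level 0)
  # can never match one by construction.
  def initialize(subject, level:)
    unless level.between?(EmailSubscription::UNSUBSCRIBED + 1, EmailSubscription::MAX_LEVEL)
      raise ArgumentError, "campaign level must be 1..#{EmailSubscription::MAX_LEVEL}"
    end
    @subject = subject
    @level = level
  end

  # Select the subscriptions this campaign may be sent to.
  def recipients(subscriptions)
    subscriptions.select { |sub| sub.receives?(level) }
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample data, not real subscribers.
  subs = [EmailSubscription.new("full@example.com", level: 3),
          EmailSubscription.new("essential@example.com", level: 1),
          EmailSubscription.new("gone@example.com", level: 0)]
  update = Campaign.new("Security update available", level: 1)
  puts update.recipients(subs).map(&:email).inspect
end
```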

Technical Overview

Job Queues

We use Simple Email Service from AWS as our email provider. The tricky part was working with SES’s maximum send rate, which is the number of emails you can send per second. Ours is not too large, so we had to make sure that our queuing architecture didn’t dequeue faster than our limit.

We use Shoryuken to integrate our Rails application with AWS’s SQS. Shoryuken is a well designed open source library that makes integrating with SQS extremely simple.

Our email sending limit L was 28 per second, so we had to make sure that no more than 28 jobs ran per second. To do this, we configured the Shoryuken concurrency value to a little less than 28. On average, each email sending transaction takes 0.5 seconds, so we measure the time difference between start and finish, and if it’s less than 1s, we sleep for the difference. This ensures that no more than L jobs are handled per second. There are likely better ways to handle this, but for our size, this solution works well.
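The pacing described above, as an added example rather than Standard Notes' own worker: each job measures its send transaction and sleeps for the rest of the one-second window, so with Shoryuken concurrency set just under L, at most L sends complete per second. The pause also happens when the send fails, so a retried job cannot burst past the limit. The clock and sleep function are injectable only so the logic can be checked without waiting; `send_campaign_email` and its `deliver` callable are hypothetical stand-ins for the real job and `ses.send_email`.

```ruby
# Added example (not Standard Notes' code): pace each email-sending job to a
# full second. With Shoryuken concurrency set a little below the SES send
# rate L, no more than L sends can then finish per second.
class PacedSend
  WINDOW_SECONDS = 1.0

  attr_reader :last_sleep

  # The clock and sleep function are injectable so the pacing can be checked
  # without waiting; the defaults use the monotonic clock and Kernel#sleep.
  def initialize(clock: -> { Process.clock_gettime(Process::CLOCK_MONOTONIC) },
                 sleeper: ->(seconds) { sleep(seconds) })
    @clock = clock
    @sleeper = sleeper
    @last_sleep = 0.0
  end

  # Runs the send transaction in the block, then sleeps for whatever is left
  # of the one-second window. The pause happens even when the send raised:
  # a failed attempt still used its slot, and a retry must not burst past L.
  # Returns the block's value; last_sleep records how long we paused.
  def perform
    started = @clock.call
    yield
  ensure
    elapsed = @clock.call - started
    remaining = WINDOW_SECONDS - elapsed
    @last_sleep = remaining > 0 ? remaining : 0.0
    @sleeper.call(@last_sleep) if @last_sleep > 0
  end
end

# Hypothetical job body (not Shoryuken's API). `deliver` stands in for the
# SES call; a real job would record the outcome on the email transaction.
def send_campaign_email(deliver, recipient, pacer: PacedSend.new)
  pacer.perform do
    begin
      deliver.call(recipient)
      :sent
    rescue StandardError => e
      warn "delivery to #{recipient} failed: #{e.message}"
      :failed
    end
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed demo: a fake delivery that takes a quarter of a second.
  fake_deliver = ->(_recipient) { sleep(0.25) }
  pacer = PacedSend.new
  puts send_campaign_email(fake_deliver, "user@example.com", pacer: pacer)
  puts "paused for #{pacer.last_sleep.round(2)}s to fill the window"
end
```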


Rails comes with easy SMTP integration out of the box. However, managing the lifecycle of ActionMailer jobs is not particularly straightforward. It was important that we know when an email delivery began and ended, especially with regard to our queueing limitations. With ActionMailer, pulling this off on a per-job basis was tricky and tacky. SES provides an HTTP-based API with an easy aws-sdk-ses gem. This allowed us to track requests on a per-job basis using familiar begin/rescue blocks.

Sending an email using the HTTP API is straightforward:

require "aws-sdk-ses"

subject = campaign.subject
htmlbody, textbody = campaign.get_html_and_plain(transaction)
encoding = "UTF-8"
# The From address must be verified in SES; placeholder value here
sender = "Standard Notes <newsletter@example.com>"

ses = Aws::SES::Client.new

params = {
  destination: {
    # Recipient for this transaction (field name assumed)
    to_addresses: [transaction.email],
  },
  message: {
    body: {
      html: {
        charset: encoding,
        data: htmlbody,
      },
      text: {
        charset: encoding,
        data: textbody,
      },
    },
    subject: {
      charset: encoding,
      data: subject,
    },
  },
  source: sender,
}

# Each request is wrapped so the job knows exactly when the send began and ended
begin
  resp = ses.send_email(params)
rescue Aws::SES::Errors::ServiceError => e
  # Record the failure against this transaction instead of crashing the job
  Rails.logger.error("SES send failed for #{transaction.email}: #{e.message}")
end

Email Templating

Rendering and styling emails from a template file was another tricky part of our implementation. If you’re using ActionMailer, this is automatically handled and made tremendously easy. For our implementation, we needed to dynamically read a layout file (containing shared HTML, like headers and footers) and a template file (specific per email), combine the two, replace any ERB tokens (<%= user.unsubscribe_link %>) with proper values, and finally, and probably most importantly, apply CSS styles to elements inline. On top of that, we needed to do all this in a performant manner.

The solution that worked best for us was to precompile whatever parts of the template we could as part of the build process, and dynamically handle as little as possible per email sent.

We used Premailer, which in my experience has been a must in making emails look good. Premailer will apply CSS styles to HTML elements inline, ensuring proper compatibility across all email clients. However, Premailer can be slow, and we found that when rendering templates and styles dynamically per email sent, each transaction would take 5 seconds to complete. That’s no good. What we needed was a way to precompile templates with styles before run time. This was tricky, but here’s how it works:

Each email campaign is an object with a precompile method, which is run during build time:

require "premailer"

def precompile
  layout_path = "#{TEMPLATE_ROOT}/layout.html.erb"
  layout_raw = File.read(layout_path)

  template_path = "#{TEMPLATE_ROOT}/#{self.template}"
  template_html = File.read(template_path)

  # Drop the per-email template into the shared layout at its yield point
  result = layout_raw.gsub("<%= yield %>", template_html)

  # Premailer takes the HTML string first, then its options
  premailer = Premailer.new(
    result,
    :with_html_string => true,
    :css => ["#{TEMPLATE_ROOT}/email.css"] # shared stylesheet (path assumed)
  )
  premailed_text = premailer.to_inline_css

  # ERB tokens survive inlining and are resolved per user at send time
  path = "#{TEMPLATE_ROOT}/generated/#{self.template}"
  File.open(path, "w+") do |f|
    f.write(premailed_text)
  end
end

Then, during runtime, and for every email sent, we render the precompiled template with proper user values:

require "erb"
require "premailer"

def get_html_and_plain(user)
  template_path = "#{TEMPLATE_ROOT}/generated/#{self.template}"
  template_html = File.read(template_path)

  # binding exposes the user local to tokens like <%= user.unsubscribe_link %>
  rendered_template_html = ERB.new(template_html).result(binding)

  # HtmlToPlainText is part of Premailer. A module can't be included from
  # inside a method, so extend this object (or include it at class level).
  extend HtmlToPlainText
  plain = convert_to_text(rendered_template_html)
  rich = rendered_template_html

  return rich, plain
end

The result: Each email transaction takes less than half a second to render and send. Success.

What’s Next

We're ecstatic to be closing down our Mailchimp account, saving quite a bit on monthly costs, and more importantly, taking stricter measures to protect user privacy by removing dependencies on capricious third-party privacy policies. Email is an important part of any web company, so it’s worth putting the time in to build a well-fitted solution.

If you want to build your own simple email campaign system for your Rails app, you can check out our recipe, which includes the classes, controllers, and jobs we used in our implementation.

What is Standard Notes?

We build an open source, encrypted notes app that respects user privacy and productivity. Standard Notes features a suite of simple cross-platform applications with seamless sync, and an extensions system that offers a wide range of editors (including Markdown, Tasks, Vim, and Code), themes, automated cloud backup options, and other useful features.

You can learn more at standardnotes.org.

Editors on Mobile and Desktop Highlighting

Some said this day would never come. Others have doubted its overall feasibility. But it's here. And it's great. Editors are now available on mobile. No more unrendered Markdown, HTML, or tasks.

Your favorite Extended editors are automatically available in the latest version of the iOS and Android app, including the Plus Editor, the Advanced Markdown Editor, and the user-favorite Simple Task Editor.

Here's what's new since last time:

1. Editors on mobile.

You can now access your favorite editors from your Extended account. Click on the tags icon (on Android) or the Manage button (on iOS) in the compose window to choose an editor for a note. 

Note: editors must be already installed from the desktop/web app for them to appear on mobile. If they don't appear, please sign out then back in. Editors were previously ignored in sync, so a fresh sync may be required.

2. Desktop search highlighting!

Search results are now highlighted across the entire interface when you perform a search. Now find exactly what you're looking for.

3. A fancy new Markdown editor.

The Fancy Markdown Editor is a beautiful split-pane Markdown editor with synced-scroll and LaTeX support (for math heads).

4. No Distraction — a new theme

It's the simple things. No Distraction quickly hides all interface elements so you can focus on your writing. It creates a distraction-free writing environment for high levels of clarity and focus.

5. The Student Discount

Notes are an essential part of the student experience, and we're happy to now offer a 30% discount on the annual plan to students looking to maximize their focus with a simple and accessible note-taking solution. Students interested can email students@standardnotes.org from their student email to receive a preapproved link for a discounted checkout.

Last but not least:

We get asked frequently about lifetime subscriptions. We'd like to model our business on forecastable methods, and prefer not to offer something we can't fully comprehend the magnitude of.

Rather than turn away users who are just as passionate about improving their notes life as we are, we'd like to offer a solution that reduces the risk for us, but also accommodates the long-term user.

The 5-Year Plan is our take on a sustainable long-term plan for our Extended services. It offers a one-time payment at widely spaced intervals, so that you can enjoy our service for many years to come without thinking in terms of annual renewal.

It's available now for $99.

Join the 5-Year Plan →

Introducing two-factor authentication and offline extensions

Let's get right to it: we have a new update (v2.1), and it's probably our most important one yet. Here's what's new:

1. Two-factor authentication.

2FA will have you feeling warm and cozy as you sign in with high levels of additional security. It's now available for Extended members. Be sure to upgrade your apps on every platform to the latest version. Learn more about setting up two-factor authentication.

2. A new extensions manager.

Now you can browse and install extensions without ever leaving Standard Notes. The new built-in Extensions Manager makes browsing, installing, and activating extensions easier than ever.  

3. Offline installation of extensions.

This is a big one. Previously, extensions like editors and themes were downloaded from a server every time you wanted to use them. Now, on desktop, extensions are automatically installed locally, so you can use them without a connection. This also improves security: the code you run is no longer re-fetched from, and dependent on, an external server each time you open an extension.

4. We've given our desktop and web app a clean makeover.

The new interface for menus and panels is cleaner, easier to use, and much more pleasant to look at. You'll like the way it feels.

5. We now support all major cryptocurrencies as a payment method for Extended.

It's no secret that Standard Notes is a great place for secrets. Crypto enthusiasts and banking over-throwers can now purchase Extended and help support continued development with most major cryptocurrencies, like Bitcoin, Ethereum, Litecoin, Monero, Ripple, Verge, and many more.

Automatic Backups, Simple Task Editor, and a Solarized Theme.

A quick few announcements:

1. We added automatic local backups in Desktop v2.0.3.
Backups are an important part of our 100-year plan. They protect you and us from the unexpected and catastrophic. Now in the latest version of the Standard Notes desktop app, encrypted backups are automatically made every day when the app is in the background. You can access these backups via the "Backups" menu item.

2. We introduced a new theme: Solarized Dark.

A beautiful theme that feels right any time of the day. It's now my go-to theme when I need to focus and write calmly.

3. A new way to work: the Simple Task Editor.

A lot of us use Standard Notes to keep track of important tasks and daily to-do's. This is why we created an all new task editor from the ground up. It automatically converts your current task lists into individually manageable tasks. You can mark tasks as completed, change their order, and edit the text naturally in place. It's a great way to manage both short-term and long-term to-do's.

4. Create your own blogging publication directly from your notes.

We've put a lot of work into our note sharing platform called Listed. Listed allows you to publish and share notes directly from the Standard Notes web and desktop app. Best of all, it allows readers to subscribe to your new posts. Your subscribers are immediately notified by email any time you publish a new post. Unlike Medium, Listed allows you to own your content source, and have a more direct communication channel with your readers.

5. A reminder to upgrade your mobile apps.

We sent out an email last month about our new V2 applications for iOS and Android. These apps are distributed under new listings in both Google Play and the App Store, so you'll need to download these manually (and not auto-update). If you're still running versions 1.x on your mobile device, make sure you upgrade immediately to avoid issues.

Enhanced security with Device Storage Encryption

Last week we introduced a new security feature called Device Storage Encryption (DSE) for iOS, Android, Web, and Desktop. We mentioned briefly how in addition to the already end-to-end encrypted sync Standard Notes provides, DSE can further safeguard your data by making sure unencrypted data never touches a hard drive. This post explains how DSE works, and how it fits in with the existing encryption technologies used by Standard Notes.

Standard Encryption

When you're using Standard Notes with a signed-in account, we derive your encryption keys from your password and save these keys on the device. Every keystroke you type, and thus every change you make to a note, is immediately encrypted using these keys, then synced to your other devices. Since you'll have signed in on those devices as well, they have the same keys available to decrypt incoming changes.

Expanding our Threat Model

Before DSE, your encryption keys had to be stored on your local computer unencrypted, because without an additional password there was no straightforward way to encrypt them for offline storage (particularly in the web app). Our main threat model, that is, what we set out to protect against, was making sure no one but you can read your notes. We treated servers and unencrypted transmission of data over the network as the main adversary. Your personal device, protected by you in the comfort of your pocket or your home, we treated as trusted.

With DSE, we expand our threat model to also protect you from device seizures, loss, and theft. All of our applications on every platform (Mac, Windows, Linux, iOS, Android, and Web) now offer the option to add an extra application password called a “Local Passcode”.

This passcode serves two purposes:

  1. It will lock the application with a passcode which must be entered before you can enter, use, and read application data.
  2. On Desktop and Web, it will encrypt your local key storage. This means that keys that were once stored on your offline device without encryption will now be encrypted using AES-256 with a key derived from your local passcode using PBKDF2.

The result is actually kind of cool: unencrypted data never touches your hard drive, or anyone else’s hard drive.

How it works:

  1. On launch, the app prompts for your local passcode.
  2. It compares a hash of the passcode you entered against the saved hash; if they match, it uses the entered passcode to derive the remainder of your keys.
  3. Those derived keys decrypt your saved account encryption keys.
  4. The app then reads encrypted items from your local database and decrypts them with the account keys.
  5. The decrypted data lives only in memory, where it is displayed so you can edit it.
  6. When you change a note, the change is encrypted immediately, then synced to your account and written to your device's database in encrypted form.
  7. Finally, when you quit the app, the decrypted data that lived in memory is discarded.

So what?

What's the significance of decrypted data never touching your hard drive? Well, hard drives are hard to keep an eye on. Once a file touches disk, you can't be certain that a copy of it wasn't made, that it wasn't backed up by your system, or that it wasn't synced to a file-syncing platform. Memory is volatile, and that ephemerality is built in: a system backup process or third-party application won't pick it up the way it would a file. (The operating system can still page memory to a swap or hibernation file, so full-disk encryption on your device remains a good complement.)

(On iOS and Android, your keys are stored in the device's secure keychain, so a local passcode there serves more as a barrier to unwanted physical access. In the web app, where no secure device keychain is available, the passcode additionally encrypts your stored keys.)

You can learn more about our other privacy measures here. You can also download the new applications for your platform from our downloads page. And as always, if you have any questions, please don’t hesitate to reach out to hello@standardnotes.org.

Introducing our new Android, iOS, and Desktop apps.

A letter to our users:

Dear note lovers and encryption lovers,

We know you love notes. And the secure feeling a private online life gives you.

So, we made something for you. I think you're going to like it.

A powerful new notes app for iOS and Android (and Desktop).

It's more secure.

Device Storage Encryption now encrypts your data before saving it to your local disk. Lock your app with a passcode to require authentication on launch and, on desktop, to encrypt your local key storage. And now for Android as well as iOS, protect your app with a fingerprint lock.

It helps you be more productive.

Pin your notes to the top of your list, so that notes and tasks you edit often are always within reach. Archive notes to stash them away, or unarchive to bring them back. And, new on Android, sort your notes by when you added them, when you modified them, or by their title.

It's beautiful (we've been told).
Our beta testers have told us how much they love the new look and feel, and how pleasant it is to use on a daily basis. Best of all, the themes you know and love from desktop now work on mobile too (and they look stunning if we may say so ourselves).


The new apps for iOS and Android are released for free as separate apps from the original. (This update is backwards incompatible with the previous version, which is why it's being released separately.)

Get the new iOS app.

Get the new Android app.

Download the new V2 Desktop app from our downloads page, or auto-update it from your existing application.

We hope you enjoy the love and hard work we put into this release, and that it makes your notes life easier and gives you more space to do your best work.

The Unexpected Benefits of Encrypted Writing

Let's admit, shall we, that freedom has to have its own space.

I've spent about the last decade of my life developing tools for note-taking and file management, the most important of which is an encrypted note-taking app. And when I talk to others about how their lives changed once they knew their thoughts and words were private, the response is always the same: "I feel free," is what I hear. They talk about the subtle, but powerful, difference privacy brings you. You become accustomed to the luxury of knowing what you say will never be repeated.

Those who haven't tried the private online life ask me what it's like. Well here you go:

Imagine you were in a room with 50 people. All around you, in every direction, are people breathing in the same circulated air as you. It's crowded. The environment dramatically changes your thoughts. You are distracted. You are influenced by what you hear. You don't have the same thoughts you have as if you were alone.

Now imagine that every thing you said in that room had a 1% chance of being heard by someone else. Life changes. Suddenly you worry what you said. What you might say. You are a whole different person. You become a subdued version of yourself, limited in your creativity and oomph.

Internet living is about being in a room with 50 million people. We are not ourselves there. We have to be much more cautious about ourselves. We adapt to wherever we are. And ourselves multiply. We are a hundred different people, depending on where we find ourselves on the world web that day. I know that when I speak with friends on Slack, or write a note on Evernote or Google Docs, there is an ever-present 1% chance that what I am typing will one day be seen by someone else. And with this thought lingering in the back of my mind at all times, I do not write like I would write in a private journal. I write as if an audience were present. I pause between every few sentences to look both ways.

I write as if to say, "If this got out, how would it make me look? What would others think of me?" And in that way, my writing loses its most important part: me.

That's why I spent the time on encryption and privacy. I don't want the worry and the hassle of others watching me. I don't want to have to check my doors every night. I want to know I am safe to be me. And safe to have my best thoughts. To write without worry of perfection.

I just want to write like it's nobody's business.

Announcing Our Security Audit Results

A few months ago, we hired an independent security research firm to conduct an audit on the encryption specification used by Standard Notes. In building out our product, we spent a lot of time making sure our encryption is as strong and fool-proof as possible. While it's easy for one to feel confident of their own work, a security audit is a must for any privacy-focused project to assure the developers and customers alike that data being encrypted and transferred is done safely and securely.

We're happy to announce the results of our first third-party security audit, and share in this milestone with you while we continue on our journey to build the most private notes app in the world.

The full report is attached below for the crypto-minded. Security is a moving target, but we're happy to report that this report does not find any major weaknesses in our data encryption flow, which is the largest part of our crypto implementation. Instead, it identified two main places in which security could be improved:

1. Verifying login parameters from the server. It's standard practice for a modern web app to trust that whatever the server sends for a particular user belongs to that user. Standard Notes distrusts the server a little more and places trust in the applications running on the machines our users control, so the client now checks the login parameters the server returns before using them rather than accepting them blindly. We were happy to learn about this, as it adds a layer of protection against an out-of-sight server.

2. Ensuring that the ID of an encrypted item cannot be swapped with another item's. This has little practical exploitability, but it is important to protect against nonetheless. Now, when your app decrypts an item, it verifies that the decrypted contents belong to the ID the item was originally created with.

Both of these improvements, along with others, are now live in the latest versions of Standard Notes on all platforms. With this launch, we also release the latest version of our encryption specification. Any new data you create is automatically secured with the most powerful version of our encryption spec. For data created before this launch, read here for instructions on re-syncing.

We're proud to be among the few private notes apps to have completed a third-party security audit. With our applications built for maximum longevity, we're confident we can continue protecting your data now and long into the future.

As always, thanks for your support. Please don't hesitate to reach out with any questions.

View Report

Introducing Components for Standard Notes

We're excited to announce the launch of four new powerful extensions that take your simple Standard Notes experience to a new level.

We decided early on that simplicity is the only way to achieve quality, stability, and longevity in software. Too often we see apps we depend on implode from their own complexity or become completely unusable from endless bloat. We knew that if we wanted to avoid this death trap, we had to design our system differently.

Extensions have been the perfect solution for us. We get to keep our core suite of applications as simple, fast, and reliable as possible. For the million and one other features users will want and invariably need, we created Standard Notes to be extensible.

Up until now, extensions have been limited to only certain parts of the app, like menu actions and custom editors. Today we're announcing a new class of extensions called components.

Components allow you to completely swap out sections of the app with custom modules. With components, you can build a custom tagging system, custom note list views, utility bars that allow pushing a note to WordPress and GitHub, and more.

Today we're announcing four new components:

1. Folders

2. Autocomplete Tags

3. Action bar

4. Github push

These extensions are now available in your Extended dashboard. If you're new to Standard Notes, get started by downloading the app here, then visit the Extensions directory to learn more.

Components use a special offline messaging system to deliver an extensible application even in the web browser. In fact, we make sure that our web application is always as powerful as our desktop applications. This is essential to our goal of longevity, because while desktop platforms may come and go, or be updated to oblivion, we're counting on the web to always be present no matter which platform you use. Powerful web access means as long as web browsers exist, Standard Notes exists.

Developers should check out our getting started guide to learn more about developing a component for Standard Notes.

We're beyond excited to get this in your hands and begin exploring the possibility of what a fully extensible notes app looks like.

If you have any questions, please don't hesitate to get in touch.

Don't be fooled: Metadata is the real data

In a crime case, investigators don't have access to "the truth"—the data, if you will. All they have are clues which can be put together to make as perfect a guess as possible as to what the nature of the truth is. Metadata.

In the U.S., governments have played coy and tried to downplay mass-surveillance programs, particularly phone surveillance, by asserting that the actual contents of the call are not collected, only the metadata:

  • Where you were
  • Who you were calling
  • How long you talked for
  • How frequently you talk to someone

In a crime investigation, having the answers to these kinds of questions could potentially make or break a case.

And that's precisely why governments collect this kind of information: it is powerful fodder in a legal setting. In an example most of us are probably familiar with, you can see that who Adnan Syed called and when were some of the most important deciding factors in placing him in a jail cell.

And just as it can be used for legal justice in some cases, the "good", it can also be used against you, as your Miranda rights warn.

So what do we do?

We protect ourselves and the people we care about, not against the government, but the possibility of government. We don't speak unless we have an attorney present. We plead the fifth.

We encrypt our data.

Smarter people before us have understood the unstoppable nature of government power, and have put in provisions such as separations of power and the Miranda rights precisely for this reason.

And today, smart people advocate endlessly for the encryption of your data as a form of self-protection. With anti-privacy legislation being signed today with a flick of a pen, it's more important than ever to understand that even metadata can and will be used against you. And, in the court of law, even if you have nothing to hide, or are fully innocent, you are still advised and even required to have a lawyer present before you can testify. Why? Because history.

Legal waters are not somewhere you want to swim in alone.

So the next time you hear that it's only "metadata" being collected, don't be fooled: metadata is the data.

This isn't to say that you shouldn't use apps that record metadata. Metadata is what allows a lot of your favorite apps to organize and keep your data in sync.

It's to instead say you should find no comfort in the fact that governments rely on the "metadata" crutch to make you feel ok with what they're doing.

The Bill of Rights of the United States constitution is about personal protections. That they are such a fundamental part of our constitution is no coincidence: they addressed real dangers of their time.

  • The right to free speech
  • The right to bear arms
  • The right to remain silent

In today's world, we are the forefathers of a new constitution, a new amendment:

The right to encrypt.

It won't come easy, but then again, nothing important ever does.