this post was submitted on 18 Feb 2024
161 points (98.8% liked)

Open Source

31111 readers
286 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
161
Treedome 0.4 Released (programming.dev)
submitted 8 months ago* (last edited 8 months ago) by [email protected] to c/[email protected]
 

Treedome is a local-first, encrypted, note taking application with tree-like structures, all written and saved in your computer

Currently you can only try it by building it yourself, instruction here. https://codeberg.org/solver-orgz/treedome/src/branch/master/docs/building.md But .deb and nixpkgs update is planned to follow suit though! You can also try an outdated one in https://aur.archlinux.org/packages/treedome-bin

Tell me what you think about it!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] -3 points 8 months ago (1 children)
[–] [email protected] 10 points 8 months ago* (last edited 8 months ago) (2 children)

because not all encryption is created equal.

Also password managers should lock after some seconds. You wouldn't want your note taking app to lock as frequently as your password manager.

The key to opsec is compartmentalizing.

[–] [email protected] 5 points 8 months ago (1 children)

This. Good password managers are careful with securely handling stuff like data caching, etc

[–] [email protected] 0 points 8 months ago (1 children)

Good password managers, but what if not every single person wants to use "good password managers"

I agree it's not perfect, but at the same time it's better than using some third party service, or using plaintext, or using the same password everywhere

If somebody wants to use some gocryptfs or veracrypt for storing passwords, why not, it's not the best, but still pretty nice

[–] [email protected] 1 points 8 months ago (1 children)

Good password managers can even check the current open browser tab domain and autofill securely. Your random note taking app won't detect a phishing site.

[–] [email protected] 2 points 8 months ago (1 children)

On desktop it's the matter of extensions, so following your idea keepass or pass won't make a good password manager without a third party browser addon

[–] [email protected] 1 points 8 months ago

Keepassx comes with its own extension you can install

[–] [email protected] -1 points 8 months ago (1 children)

because not all encryption is created equal.

XChaCha20-Poly1305 is used by a lot of stuff, pretty solid thing

Also password managers should lock after some seconds. You wouldn't want your note taking app to lock as frequently as your password manager.

I would love my notes to lock in some time

The key to opsec is compartmentalizing.

It's more true for privacy and anonymity, but security doesn't really care about compartmentalizing your everyday notes from your everyday passwords.

And in general, some people might need some lighter approach for storing passwords, unless it's some google keep, or some other plaintext, I think it should be fine

[–] [email protected] 1 points 8 months ago* (last edited 8 months ago)

Just for disclaimer, @[email protected] isnt me. I agree, even though the encryption used in treedome is pretty solid (imo), my note taking app is definitely not recommended for keeping your password. Use a dedicated password manager, open source one ofc. I think the lock time idea is good.

But I did put my password there, for when I can't access my other password manager. Backup of a backup of a backup.