What I did:
I use AGENDA more often for some days
What happened:
What I expected:
Sometimes, I want to write some tips which are confidential. and I need absolutely to be sure that my backup and my journey is encrypt and tha I’m the onlys person who’s in capability to read what I try to remember.
Things that might be helpful to know (Agenda version, OS and model, etc):
MacBook PRO Intel (15-inch, 2017), chipset : 2.9 GHz Intel Core i7
Mac OS : Moterey 12.5.1
Agenda : 14.11 (231)
The encrypt data need no synchronisation with calendar.
Thanks for the feedback. We do have plans to allow you to “hide” note content. and we are also interested in making it possible to encrypt data that is uploaded or stored in the cloud. The are in our roadmap.
Just curious – does Agenda use CloudKit for syncing our data between Apple devices? CloudKit has end-to-end encryption doesn’t it? So, wouldn’t we already be protected?
My knowledge on this topic is paper thin, of course.
Yes, it uses Cloudkit, and data is store encrypted on Apple’s service, but Apple (and only Apple) has the keys. True end-to-end encryption is something that we have (and plan to) to add.
Your answer and Drew’s answer are different and mean different things. So which is the case. Is all Agenda data encrypted using Apple’s keys. And now that Apple has changed their encryption model will you be able to take advantage of that change? In time of course.
Sorry for the confusion, the “hiding sensitive note content” that Drew refers to is indeed unrelated to E2E encryption and will be part of an update he’s working on in the near future. E2E encryption is not part of that but nevertheless we’d like to support at some point in the future, but we can’t tell yet when that will be. Hope that clears things up.
I’m maybe missing something here…will the E2E encryption on iCloud which was just announced be an ‘opt in’ thing for 3rd party apps? Or is it the case that 3rd party apps will have to store data in a particular file format in order to fall under the E2E system Apple are bringing in?
Does Agenda data fall into that category? I think most, if not all users, would like their data fully encrypted.
My understanding is that the app has to use a special type of encrypted cloud record to opt-in to the E2E. This was only introduced a year ago, and we aren’t using it yet. It also doesn’t support large files, only small values.
In short, my understanding is that we won’t get it for free, and will have to make changes to opt in. It may also not work on older operating systems, which could be a real fly in the ointment, because then you could have one device that encrypts, and another that doesn’t understand the encryption. That would be a mess.
There is a lot to look into and understand, and this is not available to the whole world yet. We are going to investigate.
(Note that your data is encrypted before upload and when stored in iCloud already. The difference with E2E is that currently Apple has the keys to the encryption, so you have to trust them. With E2E, your iCloud sign in becomes the key, and Apple doesn’t know that, so it is more secure.)