Note Taking for Linux With Encryption

If you use a Mac or Windows, you may have read my posts about what I feel are the best note taking applications for Windows and Mac. As I now use Linux, and have used Linux for many years on and off, I want to share with you what I feel is the best Linux based note taking and storing program.

My favorite Windows and Mac note taking applications do not run on Linux natively. The best known Linux note taking program I know of is Tomboy. Tomboy, is a cross platform application. Tomboy does have some limitations which keep it out of my favorites as my needs are different. Tomboy is included by default in many Linux distributions and worth checking out if your needs are simple for note taking and storage.

What for me is a better alternative to Tomboy for Linux is a program named Cherrytree.  Cherrytree per the home page is:

“A hierarchical note taking application, featuring rich text and syntax highlighting, storing data in a single xml or sqlite file.”

I enjoy using a a notes program with a tree like structure. If you ever used any version of Treepad for Windows, you will be right at home. Cherrytree’s tree like node structure lends itself to easily visually find any note. Cherrytree also contains a handy search function. The tree node structure allows for notes to be placed under notes. This means no folder to open and peruse, notes are visible unless you have condensed the node.

cherrytreeI enjoy the Cherrytree search function. When using the search function, Cherrytree lets me know every instance of the keyword, or phrase I search for. Cherrytree has options for keyword setting on each node of the tree. My notes are not that complex, but the option is there if you need it.

What makes Cherrytree special, is Cherrytree has an encryption option for storing note files. On top of an easy to use, and easily to modify tree structure, notes can be encrypted when the file is saved.

What I do is I have two files. The first Cherrytree file contains my ’43 folders’ type information (calender and to do system), and general notes. I leave this file unencrypted. I have a second file containing passwords and other personal private information which is encrypted. Swapping between the two files with Cherrytree is a breeze. When Cherrytree is in use you may open another file as easily as you can with a text editor.

For the password protection scheme, Cherrytree uses 7-zip. 7-zip uses Strong AES-256 encryption in 7z and ZIP formats. Strong enough encryption for me. If my computer turns up missing, as in stolen, I have plenty of time to make all the alerts I will need to make.

Another important Cherrytree option is the ability to make each node on the tree ‘read only’ with the press of a key. There is nothing to match the frustration of overwriting a password or phrase because I did a Shift + V (paste), instead of Shift + C (copy) and later saving the file and not noticing what I did.

One final and perhaps moot point is Cherrytree is aware of file modification. Some programs are written with the user in charge, no questions. A file may be saved in a changed state, no questions asked. Cherrytree however asks if I want to save the modified file. This simple question has saved my passwords from being overwritten by mistake because I am thinking of other things while closing programs.

Cherrytree is in the repository of many Linux distributions. If Cherrytree is not in the repository of your favorite Linux distribution, you can download Cherrytree (as I have) in the format you need from the authors web site. Install instructions are easily followed, and simple to do.

The odds of anyone trying to break an encrypted file saved on a stolen computer are so low it is not worth worrying about. Thieves are only interested in a quick buck, not personal secrets. Truth is, if a thief is smart enough to break password encrypted files, they are not physically stealing for a living.

If you use Linux, and want an easy to use program to store sensitive notes, Cherrytree is the best program I have found. Having read only ability by a key toggle, and strong encryption make Cherrytree stand out from the crowd.

For all this, Cherrytree is donation-ware. Try out Cherrytree, and if you like it, let the author know by making a donation to the program via Cherrytree home page. Donating helps keep Cherrytree and its author reamin alive and healthy.

Scary Happenings on Your Internet and Electronics

A snippet from a reply from one of my Senators asking about the NSA…

“As you may know, under one of the programs, the NSA has for seven years collected on a daily basis information related to Americans’ telephone calls.  This information includes the telephone numbers called, along with the date, time, and duration of calls.  The Foreign Intelligence Surveillance Court (FISC) – a special federal court created in 1978 to review the government’s applications for surveillance orders – has allowed the collection of this metadata under Section 215 of the PATRIOT Act.  Section 215 amended the Foreign Intelligence Surveillance Act (FISA) of 1978 to allow the Federal Bureau of Investigation (FBI) to apply to the FISC for an order to collect a broad array of business records and other tangible things relevant to an authorized investigation.  Previously, the authority was limited to the collection of only records from certain businesses, such as hotels and car rental agencies, and the FBI had to provide facts tying the records to a specific person.”

A Russian group of programmers are planning to sell commercially a root kit that will capture and forward anyones banking information, if they can get the software on their computer. You can be the first in your neighborhood to have this software for about ~ $2,500.00 US.

Some companies who offered encrypted email are shutting down due to fear of government scrutiny. They don’t want to take the hit for illegal activity being tied to their product. They ‘claim’ a concern for their customers, and perhaps a little fear of government scrutiny around themselves too?

The Tor network bust of a few weeks ago that netted a hundred plus people receiving and transmitting child porn, upset large numbers of people who deal in things less than legal. It also upset people who were led to believe tor was the utlimate internet privacy tool.

The infamous Pirate Bay frustrated because some governments have blocked them, have created their own browser so individuals may bypass government restrictions and get on with what they want to do, rather than what is permissible.

NSA and Internet

NSA and others are logging your electronic life

Some Internet Service Providers have agreed to email you, or flash you a screen a message if they detect you downloading copyrighted information illegally. “In case you are not aware”, is the reason given. To determine if you are downloading copyrighted information all your internet usage will need to be monitored.

Certain Televisions can spy on you per one newsworthy article on a techie website. The software running the television is very vulnerable to being hacked over the net. If there happens to be a camera or microphone attached to the television, well, you may be streaming media (your personal life) to people you do not know. Imagine seeing yourself in a compromising situation that took place in your front room in a youtube video?

An East Coast couple had a visit by several men in suits and badges after some rather innocent web searching by family members after the Boston Bombing. It appears one can look up anything on the web, however they can’t do it in conjunction with other sensitive topics. Sort of like the ‘three strike’ rule in baseball. Too much curiosity wakes the cat.

Besides the obvious, “What’s next, are we going to have cameras and microphones in our living room spying on us?” Do we already? At least the Internet is already taking action. One of the things I love about technology is changes happen fast. No need to be reactive when you can be proactive.

Here is what a little casual browsing turned up today:

Mozilla corporation is working on an ad blocking browser. If I understand correctly is it is blocking advertising streamed with secure web pages, because of the security issue it opens up. The issue stems from insecure content being delivered on a secure connection. Lots of opportunity for bad things to happen.

Advertisers are in an uproar, claiming their web site material will now be ‘stolen’. Hmmm, how do you steal information posted freely on the web? Some websites are threatening to go subscription only.

I say, good luck making a living with that business model. If the ads didn’t dance across the page, or block all access to content, I don’t think we would be at this point.

Since there is legislation either in the works or passed making the sender of copyrighted materials a felony offense, Usenet has gone to encrypted postings. At least by those that have a clue.

Operating systems on a flash drive or CD are gaining even more attention. If you cannot trust your computer has not been compromised – an unprotected Windows XP machine lasts less than 20 minutes on the net before being taken over – systems on a removable cd or flash drive are the way to go. They are read only, and cannot unless you allow it store any information. This means there can be no root kit, virus, or malware cookie sending your bank account information home to Daddy.

Encrypted phone calls will make a splash on the scene soon, if you haven’t heard about it already. Encrypted messaging is already here for those that want it. Each of us will have to decide how badly we want to talk with someone. Enough to match their encryption methods, or not talk at all over electronic medium?

Electronic security has always been a game of catch up. No matter how fast any Government, service provider, or other group is, they will never be ahead of the curve when it comes to halting illegal activities on the internet. No matter how quick they are, the internet as a whole is quicker.

Some people are resorting to triple encryption, just because they can. An email message, text message, or document is processed through three different encryption programs. In other words they are encrypting a document that that was created, encrypted, encrypted again, and finally encrypted a third time using different encryption techniques. Lot of work to say get a carton of milk on the way home from work.

Other people are sending out texts and emails containing trigger words, and I can guess you know what those are. Emails that have no purpose other than to trigger the NSA’s software into action, especially if they are sent with light encryption

Which brings me to my main point. Is the internet in jeopardy of shutting down? Unless you are comfortable with every key stroke being logged, worrying about your bank accounts and your very private information being sent to another computer, having your browsing habits logged and analyzed, your friends and family watched,it may be.

Is the internet going to end up as a nameless, faceless place, where the only web traffic is encrypted, and the only web sites still up, talk about gardening, and cooking and other acceptable topics while the NSA studies each word in an article?

Will all your web travels and searches be logged and monitored? How about the privacy of your own computer, laptop or tablet? Will it keep your private matters private, or will it contain a backdoor where all your actions can and will be monitored?

These are real questions and real concerns. Let your officials know how you feel about all of this. Apathy and nameless fear got us this far. If left unchecked, the world of computers and the internet, may go the way of the home phone, boom box, and so many other things we thought would be around forever.

Where does state security and individual privacy divide? Should everyone be investigated around the clock because they might be something they are not advertising? Where is the line on personal privacy? Will it extend from the search for possible terrorist activity to tax fraud, income tax evasion, searching for any and all illegal activity?

In the mean time, maybe there is no need to worry about backing up your documents, perhaps the NSA already has a copies you can download under the, “Freedom of Information Act”? Write your representatives, and let them know how you feel about his. If you don’t tell them what you think, big business and the government will.