Foil Notes allows you to encrypt notes with a password stronger than the lock code. Strictly speaking, each note is encrypted with a unique random 256-bit AES key which in turn is encrypted with an RSA key which in turn is encrypted with your password. If the bad guys get your encrypted notes, they would have to crack the AES key (different for each note) or the RSA key (shared by all notes but harder to crack) in order to extract the content. If they get the encrypted RSA key as well, then they can brute force your password. So in the end, the encryption is as strong as your password.
The format of the encrypted file is described here - it's the same format as used by Foil Pics and Foil Auth apps. Plain text (unencrypted) notes are stored in the format understood by Jolla Notes. Encrypted files are stored in ~/Documents/FoilNotes
.
The RSA key is shared with Foil Pics and Foil Auth apps. It's stored in ~/.local/share/foil/foil.key
- you can copy it from one device to another. Using the same RSA key on different devices, protected with different passwords, is actually not such a bad idea. If you forget the password, you can use the backup key to decrypt your notes, assuming that it's protected with a password that you still remember.
Source code: https://github.com/monich/harbour-foilnotes
Comments
carlosgonz
Sun, 2020/12/13 - 07:15
Permalink
Thank you slava. Good improves.
lxmx
Sun, 2020/12/13 - 07:00
Permalink
Hi Slava, thanks for all the Foil apps! Wondering what is the best workflow to have the encrypted notes in sync between the phone and e.g. a desktop? (I am not worried if the notes are stored decrypted on the desktop but I do care about the phone)
slava
Sun, 2021/01/03 - 05:06
Permalink
This might actually be helpful. Even though that issue describes decrypting Foil Pics files, the procedure would be exactly the same for Foil Notes or Foil Auth, since they all use the same encrypted file format.
lxmx
Sun, 2021/01/03 - 06:53
Permalink
Thank you!
objectifnul
Mon, 2020/01/06 - 01:27
Permalink
Is this release 1.0.11 supposed to auto-lock after 15 seconds? Or to auto-lock only 15 seconds after the device itself is locked? If so, it doesn't on my XperiaX.
slava
Mon, 2020/01/06 - 02:05
Permalink
And no, it's not supposed to auto-lock while the screen is on.
Here's why I did this in the first place. I have my "Automatic locking" setting set to "No delay", and display to sleep after 30 seconds. As a result, it I don't tap the screen when it gets dimmed, the phone gets locked and every time I unlock it I have to re-enter the Foil password. That was annoying.
Now this logic gives me 15 seconds to unlock the phone (e.g. by swiping a finger) before I have to re-enter my long and secure Foil password. That's what I was after.
slava
Mon, 2020/01/06 - 01:49
Permalink
Notes are now supposed to get auto-locked 15 seconds after the phone is auto-locked (i.e. when you leave it unattended, the display is first dimmed then turns off, then after certain period of time the phone gets locked and then 15 seconds later notes are locked). In all other cases notes should still be locked immediately.
Historyscholar
Wed, 2019/08/21 - 22:01
Permalink
Can we add recordings and photos to notes ?
slava
Thu, 2019/08/22 - 01:05
Permalink
For photos there's Foil Pics app!
vista_narvas
Wed, 2019/08/21 - 21:20
Permalink
is there a easy way to decode Notes on a other device ?
slava
Thu, 2019/08/22 - 01:03
Permalink
If your copy the key and the notes to another device, sure. You can even do that on a regular Linux machine from the command line like this:
where
foil.key
if your foil key,qqqqqqqq
is your foil password and75A3CD846F5B6150
is a foiled note (the decoded text is dumped to stdout). foilmsg sources can be found here:https://github.com/monich/foil/tree/master/tools/foilmsg
eson
Tue, 2019/07/16 - 08:48
Permalink
Hi,
Great app! I'm using it all the time. Would it be possible to add Timestamped sections to Foil Notes?
TheJullus
Sat, 2019/07/06 - 18:25
Permalink
My Foil Notes doesn't open anymode. Do you have any suggestions what to do?
slava
Sat, 2019/07/06 - 19:42
Permalink
The app doesn't start? Which device/SFOS version?
TheJullus
Sat, 2019/07/06 - 21:59
Permalink
Xperia XA2 Dual sim/ Sailfish X 3.0.3.10
slava
Sat, 2019/07/06 - 23:39
Permalink
Hmm.... I'm using XA2 as a daily device and never experienced any problem with Foil Notes on any released version of Sailfish OS including 3.0.3.10. Is there any way you could produce a core file, a backtrace or something that would give a clue on what's going on?
As a user, I would try reinstalling the package.
TheJullus
Sun, 2019/07/07 - 03:20
Permalink
What way on reinstalling would you recommend? I don't want to lose my notes. I tried to just install the .rpm file again without uninstalling the app. Didn't solve the problem
slava
Sun, 2019/07/07 - 11:54
Permalink
FWIW, uninstalling the app doesn't delete the notes (perhaps it should but currently it doesn't). I would be very curious to know what's going on, but like I said, I can't reproduce it. If you reinstal the app but the problem persists, it most likely means one of two things - a problem with dependencies (the app doesn't have any unusual dependencies, so that's unlikely unless you replaced libcrypto.so or something) or damaged data (notes).
You can check how the storage for unencrypted notes is doing by running Jolla Notes app. As for the encrypted notes, I suggest that you tar and send me the entire contents of your ~/Documents/FoilNotes directory and I'll see if I can reproduce the crash with those files. I won't be able to actually read your notes because they are encrypted and I don't have your key and don't know the password for it, but since the crash seems to happen before you even have a chance to enter your password, that shouldn't matter.
TheJullus
Sun, 2019/07/07 - 21:52
Permalink
Ok, reinstalling didn't seem to work. Where should I send my files and in what kind of package? (Ps. Other Foil apps for example Foil Auth work)
slava
Mon, 2019/07/08 - 00:14
Permalink
Sent you a message via openrepos.net contact page, let's see if that works.
TheJullus
Mon, 2019/07/08 - 01:04
Permalink
Access denied. To my own personal contact form
slava
Mon, 2019/07/08 - 12:38
Permalink
Hehe. Then use e-mail from the LICENSE file :)
TheJullus
Mon, 2019/07/08 - 16:15
Permalink
Oh, I feel so stupid. Anyways, I sent the files
TheJullus
Thu, 2019/08/08 - 18:57
Permalink
I managed to get back my encrypted note on a reflashed device! I just moved note files and old foil.key to right directories (as I described in the Foil Auth comment section)
direc85
Fri, 2019/05/24 - 23:29
Permalink
Just what I need to keep my notes safe. Thanks!
maier
Sun, 2019/05/05 - 13:51
Permalink
Hi may I can give my opinion in the round too)
Locking is a security feature which is located on different levels. In this case it is on the second level. (1st is the device ) So it makes sense to have in the settings an on/ off option so that the customer can decide what he wants and needs.
objectifnul
Tue, 2019/04/30 - 15:35
Permalink
Okay. After all the current locking logic is fine for me.
objectifnul
Tue, 2019/04/30 - 12:16
Permalink
Did you remove the autolock feature?
slava
Tue, 2019/04/30 - 13:09
Permalink
What do you mean by "autolock feature"?
objectifnul
Tue, 2019/04/30 - 13:19
Permalink
Maybe I'm wrong, but it seems to me that previous versions were locked atomatically after a while when minimized.
Pages