S

Standard Notes

An end-to-end encrypted note-taking application for digitalists and professionals.

Why TokenVault is going public source

In investing time and resources into improving TokenVault and other editors, we felt uncertain about the fact that there are already open-source clones offering free (but untrusted) distribution of our paid extensions. This is certainly within their rights, as our custom editors are licensed with AGPLv3.

For context, Standard Notes clients and sync server have always been released under an open-source license. Extensions have had a different history, as their primary purpose is precisely a way to monetize without impeding on core experience. They started as public-source, later changed to open-source, and today take another shift, but one we think is nuanced, reasonable, and hopefully, fair.

Editors that we develop in-house mostly from scratch will house a public-source, but not open-source presence. This means you can browse the source code online, and even use it for personal use, but you cannot redistribute it for free or for profit.

Editors that are derived and are mostly wrappers on top of existing open-source software will retain either the license of the majority share library, or AGPLv3.

Allowing us to protect our investments in resources allocated to improving editors also allows us to further re-invest revenue into improving our primary-focus open-source clients and server. Our goal is building the best way to store and manage your personal notes and data. End-to-end encryption, open-source, and business sustainability are fundamental pillars of our product, and we hope you’ll continue to trust us to adjust the levers in ways we deem important to our business, while keeping the scales tipped at-large towards open-source.

Standard Notes 3.6 Update

We’re excited to launch version 3.6 of our applications on every platform. This release focuses on simplifying access control measures, as well as giving you the power to review and revoke other devices signed into your account.

Session Management

You’ll now have the ability to review which devices are currently signed into your account. You can choose to Revoke an existing session. This will prevent that device from having access to your account. Revoking a session also removes all account data from that device. (Data removal feature requires all devices to be running v3.6+)

Protections

Prior to version 3.6, protecting certain actions, like viewing protected notes or downloading a backup, required you to configure complicated settings under the Manage Privileges screen. These actions were not protected by default until you went out of your way to properly enable them.

In version 3.6, we’re happy to introduce a change that will make protections a much more seamless experience. There are no longer any settings required to make protection work. Instead, the following actions are automatically protected:

• Viewing a protected note
• Downloading an account backup
• Other important actions, such as removing your application passcode or revoking a session

This means that to perform any of the above actions, you’ll be asked to enter your application passcode (or biometrics on mobile) first. If an application passcode is not configured, you’ll be asked to verify with your account password. (If you are not using Standard Notes with an account, and you do not have a passcode/biometrics configured, then these actions will proceed without verification.)

You’ll also have the option of “remembering” a protected session for a period of time, like 5 minutes or 1 week. When you choose for the application to remember, you won’t be asked to authenticate protected actions again until the selected time period has elapsed. If you choose to remember for 1 week, but change your mind afterward and want protections to be re-enabled immediately, you can do so from the Account/Settings menu.

Protected Notes

Prior to version 3.6, when you protected a note, we displayed a very prominent indicator on that note in your list of notes:

However, it’s often the case that when you protect a note, it’s more sensitive than usual. In that case, rather than drawing attention to it, you would in fact desire the opposite: if not totally hidden, then at least not vibrant and conspicuous. In 3.6, Protected notes have a much more subtle indicator:

The ideal experience is essentially that when scrolling through your long list of notes, your eyes shouldn’t be able to immediately pick out which notes are protected and which aren’t. This can be a particularly useful privacy feature if you have your application open in a public space, such as a school or workplace.

You might be wondering, as we did, why not take this a step further and make protected notes completely indistinguishable from regular notes, and not have any indicator at all? The reason primarily is for your own peace of mind: it can be somewhat alarming if you protect a note, return to it a week later, not see any special status on it in your list of notes, panic, and think, did I not protect this!? So for now we find the more subtle approach to be the most balanced one.

Security Audits

In case you missed it, we also announced the completion of two new major third-party security audits performed by Trail of Bits and Cure53. These extensive audits focused on both our application and server codebases, as well as our detailed encryption specification and protocol.

Read more: Standard Notes Completes Penetration Test and Cryptography Audit

What’s Next

Version 3.6 completes another round of “foundational” updates we’ve been eager to ship. These updates focus on features that improve the core experience centered around privacy and security. Our roadmap for the remaining year consists of two major projects:

  • Unifying our systems and architecture so that services such as Extended, our website, and Listed can communicate with each other in a more seamless manner. Currently you may notice that signing up for Extended, our paid subscription service, requires you to enter a separate email on our website (that may or may not be the same email you use to register for a notes account), then import a code into your app that activates your Extended benefits. We’d like for this process to be much simpler, so that there aren’t many parts that you have to worry about. Unifying this architecture will have many numerous benefits and solve several long-standing issues with the upgrade experience. But, as you can imagine, it’s a really big project. And we’re already well underway.
  • Files. This is a very important focus for us this year and beyond. Files are presently somewhat of a second-class citizen in our ecosystem, and requires configuring a few settings and linking an external cloud provider. We’d like to bring the same great user experience and reliability you’ve come to expect for your notes, to files. Imagine being able to open Standard Notes on your phone and seamlessly record a video or snap a photo that’s fully encrypted, and then have that file appear and securely synced to all your other devices instantly? Imagine being able to tag these encrypted files, attach them to notes, and more. We’re really excited about files, but, it may be our largest undertaking yet.

This wraps up our new releases and roadmap update. We hope you enjoy using our most secure and private experience yet on all your devices.

If you’d like to support our work and development—and unlock our full suite of productivity-enhancing features—you can purchase Extended, our paid subscription service. Extended unlocks editors including Secure Spreadsheets, TokenVault Authenticator, and a suite of Markdown and Code editors, as well as other powerful services such as daily email backups, extended note history, and more.

As always, please don’t hesitate to get in touch if you have any questions. You’re also welcome to join our community Slack group and follow us on Twitter for more frequent updates.

Standard Notes Completes Penetration Test and Cryptography Audit

We are pleased to announce the latest release of our encryption suite. This release uses the latest state-of-the-art, cryptographer-recommended algorithms for modern day encryption and key generation, designed to withstand the latest advances in cryptographic attacks and brute-forcing.

For data encryption, our latest cryptography suite uses the XChaCha20-Poly1305 algorithm. This algorithm is presently the preferred algorithm in many modern-day encryption contexts, and ranks above any of the AES-suite algorithms, like AES-GCM and AES-CBC.

For password based key derivation, our new release uses Argon2, a memory-hard algorithm. This is in comparison to PBKDF2, the previously and commonly used algorithm that has proven to be vulnerable to recent technological advances in specialized computer hardware, as demonstrated by cryptocurrency mining equipment, that can compute hashes very quickly. Because Argon2 is memory hard, each single guess at a hash requires around 70MB of memory. This makes it very, very expensive to mount a large scale attack and try to guess trillions of hashes. Guessing trillions of hashes using PBKDF2, however, is not nearly as expensive.

The implementation of the latest advances in encryption technology make Standard Notes more robust, powerful, and secure than ever. These new releases are backed by two new security audits conducted by two of the world’s leading cryptography research and testing firms: Cure53 and Trail of Bits. We engaged with Cure53 to conduct a penetration test of our entire ecosystem, including our cross-platform applications and server. Cure53 conducted a rigorous and thorough test, lasting multiple weeks, that helped ensure confidence in our ecosystem by finding any vulnerabilities in our environment. We also engaged with Trail of Bits to audit our new encryption release. This entailed auditing our specification, algorithms, and code implementation of the shared library we use in our applications to sync data and perform encryption and key generation.

We are very pleased with the results of both audits, and their impact on making Standard Notes the most secure note-taking application available. You can visit our Audits page to learn more about these, and other, audits.

Standard Notes as a Holiday Gift

A subscription to Standard Notes Extended is a wonderful and thoughtful gift for your friends, family, colleagues, and loved ones. The reasons are simple: you can use it to write about almost anything, anywhere, anytime, and for as long as you want. It’s hard to find a gift so versatile, flexible, rugged, and yet affordable. Let’s look at these reasons in more detail:

Versatile

Standard Notes Extended comes with a full suite of Markdown, code, and rich text editors, so you and your loved ones can write about almost anything you want. It’s easy to make lists for simple and habitual tasks like buying groceries and working out, and you can store data that doesn’t change often, such as secrets for two-factor authentication. Standard Notes has built-in end-to-end encryption, which means that your colleagues can store confidential, work-related information and your friends and family can keep private journals of fun and intimate moments.

Standard Notes is secured with modern encryption, but it’s still easy to share your notes when you want to. Extended comes with an Action Bar that makes it easy to copy your note, save it to a file, or email it directly to your friends, family, and colleagues. Standard Notes is integrated with Listed, a simple and popular blogging platform, so it’s easy to blog with a custom domain and publish to private links.

Flexible

Standard Notes works on all major operating systems, so you can take your notes with you wherever you bring your devices. You can read and add to your notes from your computers at home, work, and school or while traveling on the subway, at an airport, or in a cafe. You can even take your notes with you to the bathtub or pool if your devices allow it.

The Folders and Tags system in Extended is intuitive and powerful, so you can organize your notes to best suit your needs. With four dark themes and two light themes, Standard Notes is useful when working late into the night as well as throughout the day. The No Distraction theme makes it easier for you to focus on what matters: your thoughts and your content.

Rugged

The design of Standard Notes is, in one word, rugged. The apps are built for the long haul. They are sleek, slim, and built for longevity. Standard Notes Extended provides automated daily backups to your email, Dropbox, Google Drive, and OneDrive -- providers that you already know and use. The built-in Note History feature lets you revert your notes back to previous versions without a hassle. Notes are stored in plain text, making them easy to export and read without special software.

It’s a Great Deal

There are many reasons to give someone a gift, but the best gifts are usually thoughtful ones. Sometimes, we choose a gift because we have a good idea that it is what the recipient wants. Other times, we choose a gift because we think it will make them happy or improve their life. A subscription to Standard Notes is one of those gifts.

Standard Notes is a safe and reliable place to store thoughts, notes, and information. It is simple, useful, and built to last. A 5-year subscription to Standard Notes means that your gift will last for at least five years. Using it over time can provide benefits that last much longer. It’s a great deal. Treat yourself and treat your loved ones. Get a subscription to Standard Notes.

Our Holiday Sale, 35% off the 5-year plan, ends in a couple weeks. It’s $1.61/month or $19.37/year billed at $96.85 every 5 years.



Join our Slack and follow us on Twitter to get all the latest updates about Standard Notes.

What is a pull request?

One of the main ways software developers contribute to free and open-source projects is by creating pull requests to fix bugs, add features, clarify documentation, and to address other issues. A pull request is a proposal to make specific changes to the source code of a project.

Projects usually have multiple versions of their source code, and one of them is the main version. The maintainers of the main version often encourage other developers to contribute to their projects by creating pull requests.

How do pull requests work?

Pull requests typically have five parts: the issue, changes, discussion, approval, and merge.

The first step to creating a pull request is to identify an issue with the existing source code for a project. Pull requests are meant to be reversible, so developers are encouraged to make each pull request focus on one issue or topic. For example, fixing a website's styling and updating its content can and should be separated into two separate pull requests.

After identifying the issue, a developer creates a complete copy of the project's source code on their own computer. Since their copy is derived from another copy, their copy is known as a fork. The developer then proceeds to change their copy of the source code to address the issue they identified.

When the developer is finished with their changes, they write a summary of their changes. The summary may include details about which issue the changes are meant to fix, an explanation for their approach to the issue, and a description of any testing they performed to ensure that the changes worked as intended.

Then, the developer requests the maintainers to review and accept their changes. The developer and maintainers discuss any remaining questions about the pull request, such as whether the changes can be optimized or need further improvements.

If the maintainers think that the pull request is ready, they can approve it and merge the changes into the main copy of the source code. The developer’s pull request is granted and the developers “pull” the changes into the main copy.

Why do people create pull requests?

Each developer has their own reasons for contributing to free and open-source software. Here are a few common reasons:

  • Prestige. When the maintainer of a project merges a developer's pull request into the source code of a project, the developer is permanently attributed as a contributor to that project. For example, the Standard Notes web app repository has 23 contributors at the time of this writing. Developers can accumulate fame and prestige within the developer community by making significant contributions to important and valuable open-source projects. This can help them build an audience and find more employment opportunities.
  • Experience. Junior developers can gain experience and build their resumes by contributing to open-source projects with pull requests, and experienced developers can use them to practice their skills. This can also help developers find future employment.
  • Generosity. Software developers are problem-solvers at heart and often enjoy sharing solutions for others to use. By sharing the solutions, more people can benefit from them. Contributing to free and open-source projects with pull requests is a way to give back to a community or project.
  • Compatibility. Developers can create new features and fix bugs by modifying their own copy of a project to suit their own needs. However, they can ensure that the new features and bug fixes are compatible with future versions of the project by implementing them into its main source code. Pull requests also allow their feature to receive more critical review and attention.

Further reading:


This post was originally published on the Standard Notes Knowledge Base. Standard Notes is a free, open-source, and end-to-end encrypted notes app.


Join our Slack and follow us on Twitter to get all the latest updates about Standard Notes.

Encryption is for Everyone

People with wealth and power have many things that normal people do not. When they are sick, they have access to many of the best doctors and the best medical treatments. When they are well, they can afford to attend the most prestigious private universities and pay for their children to do the same. When they are in trouble, they can buy their way out with the help of big law firms. All the while, they leverage their private social networks to influence giant corporations and government officials to create laws, policies, and products that maintain their wealth and power generation after generation.

The lives of normal people are much more difficult. They struggle to pay for their healthcare and education, and they rely on the free legal guidance provided by the government, if any at all. They influence the government with only their spare change, voices, and votes. The rich and powerful thrive while normal people struggle to survive.

But there is one thing that people with wealth and power do not have better than normal people: encryption.

In 2001, the United States National Institute of Standards and Technology (NIST) announced the Advanced Encryption Standard (AES) as a cryptographic algorithm that can be used by the U.S. government to protect sensitive electronic data. Today, AES is still widely used to protect personal data, digital communications, and other important information technology infrastructure. There are many ways to implement AES, and they are named in part after the sizes of their keys. The version that uses 256-bit keys is known as AES-256 and is the strongest version.

Many free and open-source software programs such as Standard Notes and Cryptomator make it easy for people to use AES-256 to protect their privacy and personal information. With these programs, encryption can be used by anyone regardless of their sex, gender, race, ethnic group, religion, economic class, political party, criminal record, or national origin. In other words, encryption is a way for normal people to keep information from the economic and political elite. Such information could include facts and personal data that normal people could use to prevent the elite from further suppressing or infringing upon their rights. Encryption is a way for normal people to maintain what little power they have.

Furthermore, people with wealth and power cannot buy better encryption. The world's largest computer networks cannot break AES-256 even though the algorithms were invented over two decades ago and there have been great advances in computing technology. The wealthy and powerful may be able to hire mathematicians, cryptographers, and computer scientists to create new algorithms and implement them in proprietary software programs, but no amount of money can give them better encryption. Algorithms need to be tested with time and software needs to be inspected by communities in order to be trustworthy. Practically speaking, the elite cannot create better encryption software than what is already free, fast, easy to use, and impossible to break.

The widespread use and availability of a defensive tool as unbreakable as encryption software threatens the technological dominance that the economic and political elite have held for so long. Governments use it for themselves to protect their own secrets, such as those vital to "national security," but many of them try to limit access to encryption technology in order to surveill, censor, and otherwise control their constituents. Since they do not have the technical capacity to break encryption, they have to use social means to prevent its use. They create laws that ban its import and export and punish people who use it. They make software companies liable for how people use their products.

Governments usually create these policies under the guise of trying to prevent criminals from doing bad things, but they are also the ones who determine who is a "criminal" and who is not. The policies they create also affect the technologies that normal people have access to, but normal people can use encryption in a variety of ways that are not harmful or morally wrong. As a result, the economic and political elite determine the rules of acceptable behavior for everyone except themselves. Therefore, attempts to limit access to encryption are attempts to further undermine the power of normal people.

If you believe that normal people should have the power to protect their own private personal information, then you can help us maintain our power by acting on your beliefs. You can exercise your rights to freedom of speech, privacy, and encryption. You can tell your government representatives to reject legislation that would prevent its use. You can use, support, and share encryption technologies with others to spread awareness. Software programs like Standard Notes, Cryptomator, and Bitwarden are designed to protect your personal notes, files, and passwords with AES-256 encryption. They are all free to use and open-source.

The right to use encryption is a fundamental human right as inalienable as the right to think freely in one’s own mind. It is a tool that belongs to everyone, not just the economic and political elite. Help us protect our right to keep personal information private and our freedoms to think, speak, and communicate by standing up for encryption.


Further reading:


Join our Slack and follow us on Twitter to get all the latest updates about Standard Notes.

How to block ads and trackers in Safari for iOS

Ads on the web are annoying and most trackers betray our privacy by giving third-parties information about the sites we visit and the topics we are interested in. These third-parties can then track us around the internet to sell us more ads, distort our search results, and give our browsing history to governments. When we block ads and trackers, websites are easier to read and faster to load, so we save time and bandwidth (data).

Blocking ads and trackers is easy on desktop browsers thanks to extensions like uBlock Origin and Privacy Badger. These extensions are not available on iOS, but we can still block ads and trackers in Safari by downloading additional apps and enabling them in the Settings.

The installation process is the same for each app. After installing the app from the App Store, visit Settings > Safari > Content Blockers and enable them. In the Settings, you may information about content blockers:

Content blockers affect what content is loaded while using Safari. They cannot send any information about what was blocked back to the app.

The following apps seem to be reliable content blockers for Safari:

‎Firefox Focus: Privacy browser App StoreMozilla
FREE
‎Better Blocker App StoreInd.ie
$1.99
‎AdBlock Pro for Safari App StoreCrypto, Inc.
$9.99

Firefox Focus is free and open-source and is also available on Android. The source code for the Android and iOS apps are available on GitHub.

Better Blocker is also free and open-source. Its source code is available on GitLab.

Adblock Pro is not open-source, but it does not require account registration and it does not require any special permissions. Their privacy policy states that the "App does not collect any personal information" and that the "App uses Apple's native Content Blocking API - it only supplies blocking rules to Safari, without having any access to your browsing data."

You can use each of these apps on their own or all together to maximize the number of trackers blocked. Better Blocker is the simplest to use, but Adblock Pro provides the most customization.


Join our Slack and follow us on Twitter to get all the latest updates about Standard Notes.

What is Free and Open-Source Software?

Software programs, like other creative works, are released to its users under certain terms and conditions called licenses. When a license gives its users the rights/freedoms to use, study, copy, modify, improve, and redistribute it, then the software is considered free, or libre, and open-source software (FOSS).

Background: In software development, companies and developers write software as a collection of many files called the source code or the code base. When the software is ready for use, they compile the source code into executable files. For example, applications on Windows and macOS typically have the file extensions .exe and .app, respectively. These executable files are usually unreadable and recovering the source from them is usually impossible.

  • If the developers keep their source code private, then the software is said to be proprietary or closed-source.
  • If the developers publish the source code for the public to study it, but do not grant them the all freedoms of open-source software, then software is called source-available.

In conventional software development, companies release proprietary software and they require you to purchase a license or subscription in order to use it. This sometimes works well for consumers, but there are important restrictions to be aware of when using proprietary software. If a software program prevents you from exporting your data and using it in another compatible program, then you are forced to maintain a subscription for it in order to maintain access to your work. This tactic, known in economics as vender lock-in or consumer lock-in, is a way for technology companies to make it difficult for you to stop using their services.

Free and open-source software avoids locking-in consumers and instead provides them with several valuable rights:

  • Users of free and open-source software are permitted to use it for any purpose (except for those prohibited by law).
  • Users and third-parties can independently study and inspect FOSS programs to verify the authenticity of claims regarding its privacy and security. By making the software transparent, it has the potential to be safer and more trustworthy.
  • After obtaining copies of the source code, users can modify it to fit their needs. These modifications may include improvements on the original code or removals of existing features (e.g., those that invade privacy, create security vulnerabilities, or are simply unnecessary).
  • Users of FOSS can choose to redistribute their software, modified or not, to other people without fee or for profit. The right to redistribution allows users to share their modifications and improvements with others.

Some FOSS licenses require that any redistribution of the software must also be licensed with the same license as the original software or at least be licensed in a way that does not revoke any of the rights granted by the original license. These licenses are known as copyleft licenses and are meant to guarantee that any modifications of FOSS remain part of the community as FOSS.

Example: The strongest copyleft license for FOSS is considered to be GNU Affero General Public License Version 3.0, or AGPLv3, because it requires that anyone who uses the software to provide a service over a network must also provide its complete source code, even if it's modified.

Standard Notes publishes the source code for its web, desktop, and mobile apps as well as its syncing server and extensions under AGPLv3. This means that any individual or company can legally use all our free and open-source software for their own commercial purposes and therefore potentially drive us out of business. However, the AGPLv3 license requires that they must also release their software under AGPLv3, so any improvements that they make to it ultimately return to the Standard Notes community. This means that if Standard Notes were to disappear for whatever reason, then the community would be able to maintain the service and your notes would continue to be safe.

Further reading:


This post was originally published on the Standard Notes Knowledge Base. Standard Notes is a free, open-source, and end-to-end encrypted notes app.


Join our Slack and follow us on Twitter to get all the latest updates about Standard Notes.

What are LaTeX, TeX, and KaTeX?

What is LaTeX?

LaTeX is the standard document preparation system for producing high-quality publications in academia and technical industries. It is often used for large and important academic works such as theses, dissertations, and peer-reviewed journal articles and books, but it can be used for anything, from resumes to homework and lecture notes.

For example, the security white papers for Signal and ProtonMail are written in LaTeX by security professionals.

How does LaTeX work?

The main idea behind LaTeX is that you can focus on your content because you do not have to think about how it is formatted as you are writing. For example, if you were writing a paper with multiple sections and subsections, you could define where they start and what they are called by typing \section{Section Title} and \subsection{Subsection Title}, respectively. Then, when you are ready to see your stylized document, you press a Render or Print button in your LaTeX editor and it will produce a separate .pdf file for reading, sharing, or publishing. In the .pdf file, you will see that the sections are automatically enumerated and styled according to the default styling or any customized styling that you defined.

When you work with LaTeX, your work is saved into plaintext files with the extension .tex. They are just like .txt and .md files, except your computer operating system can easily associate them with your LaTeX editor. The two main types of files involved with LaTeX -- plaintext and .pdf  -- are among two of the most easily readable by humans without any sophisticated software, so they are great for storing information for a long time.

The way of editing and overall workflow offered by LaTeX is different from mainstream typesetting programs such as Microsoft Word, Open Office, and Google Docs. These programs are described as What You See is What You Get (WYSIWYG) because you style your content as you work, and the formatting that you see on the screen while you type is what you expect to see when you print it out or convert it to a .pdf. These editors usually save your work in special extensions such as .docx, .odt, or .rtf in order to preserve the formatting. These files require special software to read, so they force you to remain an active user or subscriber of that software in order for you to maintain access to your work.

When you work with LaTeX, you write in plain symbols and produce a .pdf of stylized symbols, but with mainstream software, you write in stylized symbols and produce a .pdf that you expect to look exactly the same.

What is Tex?

LaTeX is used by academics in many languages and in almost every field because it incorporates TeX, a sophisticated digital typesetting system. TeX was initially released by computer scientist Donald Knuth in 1978, six years before LaTeX was first released, and has long been the standard typesetting for academic publishing in technical fields. In the documents produced with LaTeX, the shapes of the letters and symbols and the way they are spaced apart are collectively known as TeX.

There are plenty of extensions to TeX, so it can be used to write about any subject, but it is probably noticed the most in mathematics, computer science, and science because it was originally designed to typeset complex mathematical formulas.

In a LaTeX program, you can type math by enclosing it in dollar signs. For example, if you type $$\frac{\sqrt{2}}{2}$$, you would get a fraction of √2 over 2. Try it for yourself on the free online Upmath editor. Some LaTeX programs allow you to use one pair of $ signs instead of two, or to use one for in-line math and two for large blocks of math.

What is KaTeX?

KaTeX is a fast, self-contained JavaScript library supported by Khan Academy that makes it easy to render TeX on mobile, desktop, and web applications without the full LaTeX infrastructure. It has much of the same functionality as LaTeX but does not have all the same features and add-ons. KaTeX is built for situations where sharing snippets of TeX is enough and sending entire .tex or .pdf files is excessive or inconvenient. For example, KaTeX is built into Facebook Messenger and Rocket.Chat for you to send bits of math in your chat messages.

A full table of TeX symbols supported by KaTeX is available here.

Since KaTeX is made for the web, it is commonly used in conjunction with Markdown, another way to indicate basic formatting while you are writing. As with LaTeX, Markdown is not WYSIWYG, and contents are stored in plaintext .md or .txt files. To make bold text in a WYSIWYG editor, you highlight the text and click a button. In LaTeX, you type \textbf{bold text} and in Markdown, type bold text. Keyboard shortcuts are generally available for each form of editing.

Why Learn TeX?

Many undergraduates and graduate students in STEM fields are required to learn how to use LaTeX because it is expected in graduate and professional schools, but having TeX more accessible over the web via KaTeX and having students learn TeX as early as high school will make mathematics a bigger part of our internet language, and that would have many positive consequences for each of us.

Our understanding of abstract concepts depends on our ability to describe them with language. For instance, we feel a wider range of complex moods and emotions when we have a language to distinguish between individual feelings and to identify how much we experience them. So, when we talk with other people and write to ourselves about how we feel, we can better describe what we feel, how often we feel that way, and for what reasons.

Similarly, if we incorporate KaTeX into the online platforms that we use to communicate, we can integrate mathematics into our written language and thereby improve our understanding of mathematical objects. Ideas that were once strange and obscure will feel more natural and human as we talk more about them. Math will then seem less separate from ourselves and less of a formal activity done only in classrooms for grades. This may also help reduce mathematical anxiety, a common phenomenon among students today.

Adding support for mathematics to our online infrastructure is especially important today. Students are becoming increasingly reliant on receiving their education over the internet, and a lack of familiarity with TeX forces them to scan documents, take pictures, or to draw their math. These methods do not work well for collaboration or require expensive, specialized hardware, so are inefficient or unusable by students and schools with limited budgets.

Furthermore, by including mathematics in our daily language, we can reduce the misconceptions that mathematics is entirely, or even mostly, a computational activity. It is true that a large and important part about studying mathematics is learning how to solve practical problems with calculations, but middle and high school students are too often taught that mathematics is all about these calculations. If they were to sit-in on an upper-level college math course, however, it is likely that they would not see any numbers at all. Instead, they would see complete sentences and stylized letters.

The field that we call Mathematics is as much about using logical arguments to prove that our computations actually work for what we use them for as it is about actually using them. Mathematics is a creative use of language and symbols to create representations of abstract concepts that we believe or take for granted to exist in the world. Most high schools and middle schools do not show students these aspects of mathematics. By making TeX more accessible to all, we can show our students that mathematics is a form of writing --  a form of expression -- that is more interesting and has more intellectual value than solving repetitive calculations.

If students were to have mathematics incorporated into their online language and have a better understanding of what higher level mathematics is really about, then they will likely learn it more quickly, with less effort, and with more enthusiasm. These benefits will probably extend to other disciplines since mathematical literacy is an important foundation for doing serious work in almost any technical field. For example, students who want to engage with the recent progress in mathematical machine learning and artificial intelligence would benefit from knowing how to communicate math with the online community. This involves learning how to write math in complete sentences with TeX.

How to use TeX

The number of things that one can do with TeX is limitless and everyone's situation is different, so there is no single best way to use it.

LaTeX is free to install and use on every major desktop operating system, but the installation process can be challenging for many users. On Windows, users need to decide on a free TeX distribution and free editor to work as the front end for the distribution. For security purposes, it is advised that users verify the hashes and signatures of the distributions and editors that they download to ensure their authenticity. If you want to avoid installing LaTeX on your desktop or do not have Administrator privileges to do so, there are online LaTeX editors that are free to use, but you may want to be wary of privacy concerns or need to use additional tools to save and sync your TeX between your devices.

If you do not need the full document preparation system provided by LaTeX or prefer to get started with a simpler approach, we recommend using our Standard Notes app. It syncs your notes between all your devices, including mobile devices, with end-to-end encryption. The installation process is simple and straightforward. Our Markdown Math editor is fully equipped with KaTeX, and you can use it to import and export individual notes in your preferred extension for plaintext files (e.g., .txt, .md, and .tex) to share your math with others. You can also work with our Code Editor to type in LaTeX and use the Action Bar to export your .tex files to render with your dedicated TeX editor.

The Standard Notes approach is great if you want to take notes or complete assignments in Markdown and KaTeX. With our full range of editors, themes, and backup options, you can also use the app for your other academic and personal notes.

We offer students a 30% discount on the one-year and five-year plans of our Extended subscription and we offer free refunds for up to 30 days if you change your mind and want to use a full LaTeX service. Click here to learn more.

If you are only interested in learning TeX on desktop, you can use the free Visual Studio Code text editor. You can use VSCode to easily open and save .md files, including ones exported from Standard Notes, and view the TeX with extensions like Markdown All-in-one and Markdown+Math. These extensions also use KaTeX.

If you only want to type TeX to communicate via email, you can use the Tex for Gmail Google Chrome extension.

In any case, regardless of how you use TeX, it has the possibility to improve your relationship with math and the way you produce documents. Beyond academics, you can use it to design professional resumes, publish technical specifications, and write papers to include in your personal or business portfolios. There are plenty of open source templates that you can use or start from scratch to create a style that best suits your use.

Further Resources


Join our Slack and follow us on Twitter to get all the latest updates about Standard Notes.

Encrypted, Ephemeral Customer Service

The Silver Lining in Facebook's Privacy Nightmare

Privacy advocates and journalists have known for years that the tech behemoth Facebook, Inc. threatens our privacy. The company owns three of the most popular social media platforms – Facebook.com, Instagram, and Whatsapp. Each of them are free to use, but Facebook, Inc. posted $55 billion in advertising revenue in 2018. Their advertising revenue was 98.5% of their total revenue for that year and the percentage is expected to increase to 99% in 2020.

In order to make so much money from selling advertisements, Facebook tracks its billions of users both on and off Facebook.com with artificial intelligence to determine "how they will behave, what they will buy, and what they will think." Then, Facebook uses these predictions to serve the users advertisements. Even though they claim that they do not sell your data, they used it to generate $22.1 billion of profit in 2018 alone.

Despite all of these concerns, there is one feature that Facebook has offered since June 2015 to improve its users' privacy and security: support for Pretty Good Privacy encrypted email communications. This security feature is one that the vast majority of companies still lack even if they make millions in profits.

What is Pretty Good Privacy Encrypted Email?

Pretty Good Privacy, or PGP, is an end-to-end encryption system that ensures that emails can't be read or tampered with by third-parties while they're in transit from the senders to the recipients.

For Facebook, this means third-parties won't be able to see your password reset information and any notifications for comments, posts, and chats that you're following. Facebook knows about almost everything you do on its platforms, but the encryption prevents anyone who intercepts your email from knowing as well.

Companies usually do not offer encrypted support for customer service and notifications because it is costly and difficult to implement, and many users don't know how to use it anyway, so it's simply not a priority.

Encrypted, Ephemeral Customer Service at Standard Notes

All of the Standard Notes apps, servers, and extensions are free and open source because our mission is to protect your privacy and security. As part of that mission, we’re proud to offer you end-to-end encrypted, ephemeral customer service at standardnotes@protonmail.com.

To use this service, you’ll need to sign up for a free account at ProtonMail.com. You can also use the browser extension Mailvelope with your current email provider to send us end-to-end encrypted emails, but you’ll need ProtonMail to make them ephemeral.

Private Customer Service Improves the User Experience

We know that customer service is an essential part of the user experience and that privacy is an important component of customer service.

We understand that, as users of products and services ourselves, we sometimes struggle to master all of the features that it offers, no matter how simple the product is and how technically adept we are.

Sometimes we want to be able to find the answers ourselves, so we write help files and documentation for you to read at your own pace. But we're also aware that, as users, we want it to be okay to admit when we're struggling, when we're frustrated, or when we've made a mistake.

We make it more than okay by making it easy to ensure that third-parties don't know about your requests for help and by making it easier to forget that they ever happened. With end-to-end encrypted, ephemeral emails, you can be honest with us without worrying about leaving a permanent mark on the internet.

The Right to be Forgotten

It's obvious that companies should ensure that their users' passwords are stored properly and that their payment information isn't stolen. It's clear that people should be able browse the internet without being tracked and profiled. It's also widely understood that if we choose to leave a service, we should be able to delete all of our account data.

We have the right to control our data, and that should mean that we have the right to prevent third-parties from reading our support inquiries and the right to delete our old emails with customer support.

Using a product or service can require emotional energy, especially if we're using it to safeguard our most private, intimate thoughts. All of us feel anxious sometimes, especially when we think about the worst case scenarios.

Even though asking for help doesn't need to be embarrassing or stressful, we know from personal experience that it sometimes can be. We hope that encrypted, ephemeral support can give users a greater sense of confidence by knowing that nobody else will see that they want or need help. We know that, as users, we want to be able to ask for help then move on to enjoy what's next without having to worry or look back at all, for any reason.

Standard Notes is a Safe Place

At the heart of our service is a desire to give you a place where you can be yourself and express your thoughts. We don't profit from selling your personal data because we don't have it and we don't want it. By design, all of your notes are end-to-end encrypted between your devices, so we can’t read any of them. Knowledge of your personal habits, private thoughts, or intimate to-do's would be a liability to us and a direct contradiction to what we stand for. We offer you encrypted, ephemeral customer service so that Standard Notes can be an even safer place for your notes, thoughts, and life's work.


Useful links:


Join our Slack and follow us on Twitter to get all the latest updates about Standard Notes.

What is DNS-over-HTTPS?

In February 2020, the Mozilla Foundation announced that it would enable DNS-over-HTTPS by default for all Firefox users in the United States. In this post, we'll explain what that is and why it matters.

Background: You and your computer need to take many steps in order to connect to a website. At some steps, there's a possibility for your privacy or security to be vulnerable.

  • When you use a web browser such as Firefox to connect to a website, you are viewing files on a remote computer. These computers are usually set up to serve the website files and are also known as web servers. These servers are usually assigned a series of numbers and letters known as IP addresses. You can think of these IP addresses like phone numbers for computers.
  • In order for Firefox to know which website to connect to, you usually need to tell it by clicking on a link or by typing the domain name of the website at the top of the browser.
  • If the website is properly set up, then the domain will correspond to an IP address. When you connect to the domain in your browser, the domain automatically sends you to its corresponding IP address, which then sends you to its corresponding web server.
  • Once you've connected to a web server with your browser, you can send and receive files to and from the web server. These files are collectively known as your traffic, or web traffic.

For example, when you click on app.standardnotes.org or type it into your browser, you will automatically be sent to the IP address 34.228.118.242, where you can access the Standard Notes web app.

If you connect to app.standardnotes.org over https, as in https://app.standardnotes.org, then your traffic to and from your web browser and the web server will be encrypted. Nobody will be able to read or tamper with your files while they're in transit.

However, your connection to app.standardnotes.org and other websites will be known to your internet service providers and anyone else who is watching your network. They won't know what you're writing in your notes app, but they'll know that you're using it.  

DNS over HTTPS is the technology that encrypts the domain names and IP addresses that you're connecting to in a similar way that https encrypts your web traffic.

Why it matters: With DNS over HTTPS, your internet service provider and anyone else listening to your internet connections won't be able to know where you're connecting to anymore. If you use DNS over HTTPS with the Standard Notes web app, then you can be private about being private.


Next steps:

  • Standard Notes forces https on all its connections, but if you want to encrypt all your web traffic, you can use the browser extension HTTPS Everywhere by the Electronic Frontier Foundation.
  • In Firefox, visit Options > General > Network Settings and click "Enable DNS over HTTPS". You can also search "DNS" in the "Find in Options" bar or visit the official tutorial by Mozilla.

For other browsers, DNS over HTTPS can be enabled using the flags feature. First, update your browser to the latest version. If you use Microsoft Edge, you may need to install the new Chromium version. Then, depending on your browser, enter the following into the navigation bar and click enable:

  • Google Chrome: chrome://flags/#dns-over-https  
  • Microsoft Edge: edge://flags/#dns-over-https
  • Opera: opera://flags/opera-doh
  • Vivaldi: vivaldi://flags/#dns-over-https
  • Brave: brave://flags/#dns-over-https

You can also enable DNS-over-HTTPS on your mobile phone by using Cloudflare's 1.1.1.1 app.

Further reading:


This post was originally published on the Standard Notes Knowledge Base. Standard Notes is a free, open-source, and end-to-end encrypted notes app.


Join our Slack and follow us on Twitter to get all the latest updates about Standard Notes.

What is Electron?

Electron is an open source software framework that software developers can use to create desktop apps that work across Windows, macOS, and Linux operating systems.

Background: Each operating system can only run apps written in certain programming languages, called native languages. If a  developer wants an app to work on the system’s desktop, then they will  need to write it in those languages. If an app is written in a system’s  native language, then it is called a native app. For example, native  apps for iOS and macOS are written in a language called Swift.

  • Developing a sophisticated app for one platform takes a tremendous amount of expertise, time, money, and effort.
  • If a developer wants the app to work across multiple platforms, they will need to rewrite it in multiple languages. This requires them to  either understand the intricacies of each operating system and their  corresponding languages or to hire other developers who do. Both options  are too expensive or difficult for most startups and individual  developers.
  • Additionally, writing an app in multiple languages results in  multiple codebases, each of which requires resources to continue to  maintain, debug, and improve.

How it works: The three universal languages for web browsers are JavaScript, HTML, and CSS. Developers first write their app  in these languages then use Electron to package it with technologies  called Chromium and Node.js.

  • Chromium is an engine that powers many web browsers including Opera,  Google Chrome and Microsoft Edge. Node.js is a system that allows apps  written in JavaScript to interact with the operating system. Both work  across platforms.
  • Apps built on Electron are in effect specially designed web browsers that work like native apps.
  • Developers can start with building their app for just a single platform, like the web, then produce apps for all other platforms, like Windows and macOS, without expending additional resources on software development.

Why it matters: Electron makes it easier to create cross platform apps.

  • Developers can create cross platform apps without learning the intricacies of every operating system and their corresponding  programming languages.
  • Developers can use a single codebase for all three desktop apps, which makes it easier and quicker for them to catch and fix bugs.
  • Users can experience lower prices for apps built on Electron because  it reduces the costs for software engineers to develop them.

A possible downside of apps built on Electron is that they may use more storage and memory (RAM) than if they were built natively. However, storage and memory are becoming cheaper for consumers every year, so even the cheapest new laptops can run apps built on  Electron without users noticing the added system requirements.

Examples of apps built on Electron:

  • Communications apps including Discord, Riot.im, Rocket.Chat, Signal, Skype, Slack, and Whatsapp
  • Productivity apps including Standard Notes, Ghost, and Wordpress.com
  • Text editors including Atom and Visual Studio Code
  • Password managers including Bitwarden and Keeper

The bottom line: Many companies, both large and small, build apps on Electron because it reduces the costs to develop and maintain apps. Without it, many new apps wouldn’t exist or work cross-platform.

Further reading:


This post was originally published on the Standard Notes Knowledge Base. Standard Notes is a free, open-source, and end-to-end encrypted notes app.


Join our Slack and follow us on Twitter to get all the latest updates about Standard Notes.

Being a quiet software company

A user on our Slack, and some on reddit, have asked us why we've been sort of quiet on progress. Why no new blog posts? Why no new major releases? Why the seemingly dismissive attitude towards feature requests? Here was my response, and here's that new blog post you asked for :)

I spent the last few years personally responding to every single user inquiry or request. I also handled every single feature, bug fix, release, blog post, etc. At some point recently, this all began to take a toll on me, and was not sustainable. So I set out to hire a team. Hiring a team has been what I have been working on full time for the last 3-4 months. It really is one of the hardest parts of building a company. Now that the team is close to fully built, we’re sorting of establishing a game plan. You don’t just get straight to 100% throughput overnight. It takes organizing and orchestration. It takes planning, design, and intensive strategizing before a single line of code is written.

If we’re quiet, we’re working. Software development is hard and arduous. And we still don’t have a dedicated blogger or social media person. I run our Twitter, and I’m pretty bad at social media. But having a dedicated content person is just not our immediate priority.

In any case, I agree that the only way to know we’re actively here and actively working on improving SN is if you hang out in the Slack. Personally, I am a reserved character and have always worked in silence, and don’t put too much hype around upcoming features until they’re absolutely done and ready for shipping. The software development process is fragile and intricate.

We have a somewhat unique approach to feature requests, which at first glance may seem dismissive and anti-user: “We say no to feature requests.” This was a necessity early on to manage the never ending influx of feature requests and the finite resources available to develop and maintain them. We don’t say no because it means we’re never going to build the thing in question—we say no because we’re not going to make promises we aren’t sure we can deliver on yet. We will not build a feature if we're not absolutely certain it’s something we can maintain for the next decade. This is why we don’t have an official web clipper, for example. Can we spend a week or two building one? Sure. Can we provide immediate support and priority bug fixes to it when something goes wrong? Depends on our level of resources. But as of today, no.

The good news is that this is a full time obsession for many of us. And we’re not just sitting here, I promise you that. But we’re also not announcing our every move. Perhaps we can move towards being a more extroverted company in the future.

As a general note on how we build features, we won’t add new features into minor releases. If you ask for X feature and it sounds interesting to us, it’s unlikely we’ll just immediately bundle it into v3. Instead, how our process has typically worked is that every year or so, we release a new major version of our application. The features, design, and strategy for that release 100% centers around the kind of feedback and requests we’ve received over the last year. We have a really intimate temperature on where we feel the product needs improvement, and where we think the product excels. So while we can’t act on your feedback immediately, it’s definitely not forgotten. Most of my responses to feature requests typically take the form of "We'll keep that in mind!"—and that’s no cop out. We’re literally keeping that in mind. But that’s about all we can do in the short term. I’ve said yes to feature requests prematurely before, and ended up not shipping them for whatever reason, and it backfires, real fast.

So, here we are in 2020. We’re working on v4. You’re going to absolutely love it. But it’s going to take a soul-crushing amount of work to complete. I don’t dare make an estimate for how long it will take. But when it’s done, it will be the best work we’ve ever put out.

What is End-to-End Encryption?

End-to-end encryption is a system of encryption that allows parties to communicate in a way that severely limits the  potential for third-parties to eavesdrop on or tamper with the messages. Third-parties may include government agencies and companies that  provide internet, telecommunications, and online services.

  • End-to-end encryption helps people communicate securely by emails, voice calls, instant messages, and video chats. It also secures communication between devices for sharing and syncing files.
  • End-to-end encryption is most commonly used for digital communications, but it can also be used on paper.

The big picture: There are many systems of encryption. End-to-end encryption is considered an improvement upon another system called point-to-point encryption, which is a standard for transmitting credit card data.

  • When parties communicate with each other, their data is usually transmitted through a third-party service provider, which acts as a messenger (e.g., Gmail).
  • Point-to-point encryption encrypts data when it is in transit to and from the messenger, but the messenger can still read the message.
  • End-to-end encryption encrypts the data both before it’s given to the messenger, and also during transmission. Different mechanisms may be used to encrypt the data before transmission and during transmission.  Transmission encryption is usually layered on top of the existing  pre-transmission encryption.
  • End-to-end encryption works by encrypting the data before the third-party receives it and by preventing the third-party from obtaining the decryption keys. The encryption is performed locally on the communicating parties’ devices rather than on the third-party’s web servers.

Analogy:

  • Using end-to-end encrypted communications is like sending a physical  letter written in a language that nobody else can read or translate  except the intended recipient. Postal service employees can read the to and from addresses and estimate when the letter was sent, but they aren’t able to read the letter contents.

Why it matters: End-to-end encryption helps ensure the confidentiality and authenticity of communications. It protects users’ privacy and allows them to communicate with greater honesty and  freedom.

Pros and cons: End-to-end encryption protects user privacy by preventing unwarranted or unwanted surveillance by governments and service providers, but it also prevents law enforcement  from obtaining communication records when they have justified warrants  for doing so.

Limitations: End-to-end encryption protects the content of communications, but does not necessarily protect metadata about the communications, such as who contacted whom and at what time.

  • End-to-end encryption protects data when the service providers has a  data breach, but it does not always protect data when a user’s device, account, or password is stolen because they can be used to obtain decryption keys.
  • Service providers that claim to provide end-to-end encrypted  services may nonetheless introduce secret methods of bypassing the encryption. These methods are known as backdoors and can be created willingly or unwillingly. Thus, users are still required to place some  trust in the service providers.

The bottom line: End-to-end encryption is the new standard for service providers aiming to provide the highest levels of consumer data protection because even they are meant to be unable to decrypt their users’ data, but it does not replace lower standards, such  as point-to-point encryption, which are acceptable for other uses.

Examples of applications with end-to-end encryption:

Further reading:


This post was originally published on the Standard Notes Knowledge Base. Standard Notes is a free, open-source, and end-to-end encrypted notes app.


Join our Slack and follow us on Twitter to get all the latest updates about Standard Notes.

What is Encryption?

Encryption is the process of transforming readable text or data, called plaintext, into unreadable code called ciphertext. After the data is transformed, it is said to be encrypted. The reverse transformation process from ciphertext to plaintext is called decryption.

Background: There are many methods of encryption. Each method aims to prevent decryption by anyone who doesn’t have a specific secret key, such as a password, fingerprint, or physical device.

The big picture: Different forms of encryption have been used for thousands of years to secure communications. Modern mathematics and technology allow for widespread use of encryption methods that make it computationally impossible for third parties to  decrypt the encrypted data without the secret key.

Analogies:

  • Modern encryption allows people to put their data into digital safes that have locks that are physically impossible to pick.
  • Encrypting data is like translating it into a language that only the person with the secret key can understand. This prevents  unauthorized people from reading your letters even if they take it out  of the envelope.

Why it matters: Encryption can be used to protect documents and information where physical security isn’t enough or doesn’t help.

  • People can use encryption to prevent third parties from eavesdropping on or tampering with their communications.
  • Businesses can use encryption to deliver digital goods to their customers and safeguard important information about their clients, employees, or practices.
  • Governments can use encryption to protect secrets about their intelligence and military operations, issues concerning national security, and data about their citizens.

Encryption is for everyone: Individuals use encryption for many of their daily activities.

  • Smartphones, personal computers, and external hard drives are often encrypted by default or by user configuration. Encrypting devices helps prevent thieves from retrieving data from stolen devices.
  • Encryption helps protect debit and credit card information when they are used in-store and online.
  • Devices that use Bluetooth, such as smart watches or garage door openers, use encryption to prevent unauthorized use.
  • People can use encryption to verify the identities of the websites they browse, the software they download, and the documents they receive.
  • Individuals can use encryption to write private notes and send private messages, emails, and calls to their friends and family.

Further reading:


This post was originally published on the Standard Notes Knowledge Base. Standard Notes is a free, open-source, and end-to-end encrypted notes app.


Join our Slack and follow us on Twitter to get all the latest updates about Standard Notes.

The 120 Day Update

A little bit of sunshine has graced us this week, and after a few months of heavy bunkering in our winter den, we emerge energized and with news. Here are things we've released or have been working on over the last 120 days:

The all-new 3.0 mobile app for iOS and Android
It's fully redesigned, and really fast. We switched from React Native Navigation to React Navigation, and the app feels much more stable and smooth. We still believe React Native is the way to go, and we now share a single core JavaScript library that encapsulates all encryption and item management across our entire suite of applications, which is a dream for sustainable development.

The 3.0 desktop/web update
It features a much cleaner UI, especially with themes and editors. We've also made some optimizations that lead to a roughly 30% increase in initial startup performance. Simple, but smart optimizations, like prioritizing loading of preferences before notes so that the proper sort order is set before notes start populating, and loading most recently modified items first, before any older items. The result is simple but drastic.

Secure Spreadsheets Editor
Yes—spreadsheets inside the comfort and privacy of Standard Notes. And it's really wonderful, with formatting, merging, formulas, currencies, and more. Excellent for small financial worksheets, like cryptocurrency tracking.

FileSend, a simple and secure way to share encrypted files
Files are deleted immediately after the recipient downloads them, or after specified duration. Extended members get some extra power-features, like email confirmation when their file is downloaded. It's also completely open-source, so feel free to self-host to get your own personal file-sharing portal.

Gifts! 🎁
You can now gift a Standard Notes Extended subscription to someone else, whether it be a friend or someone in your company. You can also choose whether you'd like the subscription to auto-renew with your payment (defaults to no). If you know someone that can benefit from encrypted writing, a gifted subscription can be an excellent choice.

Extending subscription and changing plans
On that same note, we've made it easier for Extended members to extend their subscription with extra time. Previously you had to cancel and then renew, but now it's much simpler. This is possible because we've rewritten much of the subscription management to be under our manual control, rather than relying on out-of-the-box solutions from Stripe and PayPal, which provide convenience but low flexibility. If you want to extend your subscription with more time, or change your plan, click the title link above.

Economic Difficulty Discount
We're also happy to offer a new "economic difficulty" discount, if you so need one. While the need for privacy continues to grow, we're still largely a speciality product, and speciality products need to be selective with their pricing. Ultimately, however, we don't want price to be a factor in whether you use Standard Notes or not. If you truly cannot afford our prices, then get in touch, and let's explore other options. Please note that we will likely be very selective with this as we experiment more with the idea. Any discount we do provide is only subsidized by other paying users, so please be respectful of their time and contribution before you make a request.

Vindication
I realize that saying Mark Zuckerberg in a privacy-centric email like this is like saying Voldemort at Hogwarts, but one of the largest technology companies in the world announced a new desire to shift towards a more privacy-centric direction. Sham or not, it's some serious validation for privacy enthusiasts who have for decades argued that privacy is the only way forward. And for all of us that have been taking privacy seriously "long before it was cool", it feels good to be on the right side of history.

Why is X feature paid and not free?
We wrote a post with more thoughts about our revenue model, and alternatives we could have explored. Our life might have been simpler adopting the "Netflix" model of a completely paywalled service, but the "freemium" model has been our fate, and deciding the balance between paid and free is tremendously difficult. We write this post as a general answer to the not too unfamiliar question of "Why is this feature paid and not free?"

"Everyone asks what is SN but no one asks how is SN."
We're doing great, thanks for asking. Financially, we stand on stable ground. Generally, subscription revenue makes sustainability a much easier topic than if we featured a one-time payment model. We don't think we'll be going anywhere anytime soon, especially with the upward trend of privacy. We're grateful to everyone who believes in us enough to be a paid subscriber. It's really you offering this application to the world, and not us. We're excited to see what the next ten years bring, both in terms of challenging ourselves to keep the application as simple as possible, and yet continuing to innovate in the space of extensibility and data care.

Help support our continued development →
It's not everyday we get a chance to communicate directly with so many of you at once. So, if you cared enough about our updates to read this far, thank you. And quite literally, none of this would be possible without your support. While advertisers might have tried to convince us all otherwise, nothing on the internet is truly free. We realize that saying this is mighty convenient for our own cause, but we do truly believe: pay for software you love. That's the only way it sticks around. If you haven't yet gotten the chance to give Extended a try, feel free to give it a go. We have a special 5-year plan that comes out to $30/year as a sort of fundraising model (#NoIPO). Of course, we only want your money if you're really going to get the most of all the additional productivity tools Extended offers, so we offer full refunds within 30 days.

This post was sent as an email newsletter to Standard Notes users on March 13, 2019.