from the overview i can’t really tell what it is, although it sounds like onenote, which i’ve never really gotten along with. also yeah, the online requirement thing means it’s not suitable for secure work.
Hey- Thanks for the feedback. You’re right about the lack of overview or clear purpose- I’m aiming for more of a “just type and share instantly” kind of thing. At the end of the day, I guess what I want to know is- what could this be used for, you know? I might have one idea, but I could be wrong.
Curious- and it may sound basic but I don’t wanna assume- is offline use important for you mostly because of security or something else (travelling/using hotel wifi, etc).
I work with governmental organisations and heavy industry. spotty internet, data privacy, changing laws, cleanroom areas, IT audits, travel to places with less savoury governments, telemetry that shouldn’t be stored but is due to some flag someone forgot, takeover of the server, ulterior motives, you name it. needing a network connection means it has to be assumed compromised, and short of letting my IT dept host its own version, you can’t convince me otherwise. I need to be able to 1) sync data only when on a verified safe network, and 2) trust the server that data goes to and from.
when it comes to what something could be used for… are you doing market research, or basic research? building a tool usually means you have a need for that tool. If you’re trying to market something, do a proper test with a control group. just going “i made a thing, i don’t know what it’s good for” isn’t going to pull in crowds, especially if there is a barrier such as account creation to actually use the thing.
Edit:
also, your page is missing basic accessibility features. all the links are <button>s, not <a>s, so they’re not properly picked up.
Wow! This is great stuff! Really appreciate you taking the time to lay this out.
I get your point: in high-stakes, security-conscious environments like yours, needing a persistent internet connection is a non-starter. Your two conditions (sync only on verified safe networks + trusted server endpoints) are a clear, actionable framework I hadn’t articulated so well before-thank you.
Cheers for calling out the muddiness around purpose. I started this as a tool to scratch a personal itch, but I’ve been deliberately open-ended in trying to understand where others see value. Still, the lack of clarity does become friction-especially when account creation is required up front. I’ll be rethinking that flow and messaging.
Also noted (and agreed) on the accessibility issue. I’ll fix the <button> vs <a> problem-thank you for catching that.
what would a deployable/self-managed version for an environments like yours look like?
i’m glad you’re taking it as intended, i was worried about my tone…
a version that could be used in a restricted setting would
be offline-first (or online-optional, even)
install and work with minimal privileges (no curl|sudo bash)
have few to zero external dependencies that need vetting (to get past IT)
send and store very minimal amounts of data off-device (especially important for PII like user accounts)
use only audited and proven crypto and auth (because nobody should be rolling their own there)
allow bring-your-own-database setups for the server (because some places run the same DB software for everything)
play well with other tools on a posix system, e.g. make sure data files are structured text rather than binary (for future-proofing)
if running in a browser-based environment, preferably work without scripts enabled (to eliminate XSS risks)
if running in a native environment, be open and reproducible (so builds can be verified)
keep to itself; e.g. make sure to keep stuff in its own namespace and not spread files around (for the server this is usually accomplished by containerization but not everyone allows running stuff like docker)
from the overview i can’t really tell what it is, although it sounds like onenote, which i’ve never really gotten along with. also yeah, the online requirement thing means it’s not suitable for secure work.
Hey- Thanks for the feedback. You’re right about the lack of overview or clear purpose- I’m aiming for more of a “just type and share instantly” kind of thing. At the end of the day, I guess what I want to know is- what could this be used for, you know? I might have one idea, but I could be wrong.
Curious- and it may sound basic but I don’t wanna assume- is offline use important for you mostly because of security or something else (travelling/using hotel wifi, etc).
I work with governmental organisations and heavy industry. spotty internet, data privacy, changing laws, cleanroom areas, IT audits, travel to places with less savoury governments, telemetry that shouldn’t be stored but is due to some flag someone forgot, takeover of the server, ulterior motives, you name it. needing a network connection means it has to be assumed compromised, and short of letting my IT dept host its own version, you can’t convince me otherwise. I need to be able to 1) sync data only when on a verified safe network, and 2) trust the server that data goes to and from.
when it comes to what something could be used for… are you doing market research, or basic research? building a tool usually means you have a need for that tool. If you’re trying to market something, do a proper test with a control group. just going “i made a thing, i don’t know what it’s good for” isn’t going to pull in crowds, especially if there is a barrier such as account creation to actually use the thing.
Edit:
also, your page is missing basic accessibility features. all the links are <button>s, not <a>s, so they’re not properly picked up.
Wow! This is great stuff! Really appreciate you taking the time to lay this out.
I get your point: in high-stakes, security-conscious environments like yours, needing a persistent internet connection is a non-starter. Your two conditions (sync only on verified safe networks + trusted server endpoints) are a clear, actionable framework I hadn’t articulated so well before-thank you.
Cheers for calling out the muddiness around purpose. I started this as a tool to scratch a personal itch, but I’ve been deliberately open-ended in trying to understand where others see value. Still, the lack of clarity does become friction-especially when account creation is required up front. I’ll be rethinking that flow and messaging.
Also noted (and agreed) on the accessibility issue. I’ll fix the <button> vs <a> problem-thank you for catching that.
what would a deployable/self-managed version for an environments like yours look like?
i’m glad you’re taking it as intended, i was worried about my tone…
a version that could be used in a restricted setting would