Skip Navigation
Privacy @fedia.io CONFIG.SYS: LOADHIGH @bitbang.social

I'm checking out various "personal knowledge management" tools in a sandbox to see if it be an upgrade my ragtag collection of text file-based notes.

I'm checking out various "personal knowledge management" tools in a sandbox to see if it be an upgrade my ragtag collection of text file-based notes.

First candidate is #Logseq, supposedly "privacy-first".

How #privacy friendly is something based on Electron (aka Chrome)? Debatable, but then they also do this:

  1. Have "Send usage data" on by default
  2. Start with an example page that embeds a YouTube video, and accepts all cookies

tcpdump and mitmproxy go wild when starting the program.

Shows that the "Send usage data and diagnostics to Logseq" setting is enabled by default.
Shows the services being contacted by Logseq over HTTPS right after starting it for the first time. Hosts that are being contact: www.youtube.com, googleads.g.doubleclick.net, jnn-pa-googleapis.com, play.google.com, app.posthog.com, o416451.ingest.sentry.io

31
31 comments

  • @[email protected] Thanks for the great thread and analyses! ❤️ I'd love to get your take on @[email protected] and @[email protected] both are technically interesting takes on personal knowledge management #pkm:
    https://tiddlywiki.com/
    https://feather.wiki/

    • @[email protected] @[email protected] @[email protected] You're welcome :)

      I tried to build personal wikis a long time ago but the ones I tried didn't do anything with tags or metadata, so it was up to you to collect topics in categories or with explicit, hand typed links. That was a hassle.

      I guess I missed TiddlyWiki because it does go all-in on the relation metadata. I'm going to try it out, thanks :)

      I'm unsure about Feather Wiki because it's not working with files on disk directly, but it's very neat for 58kb.

  • @[email protected] I've been trying to solve this issue myself for a while, and the conclusion I came to last time was that for every positive feature in a given application, there were at least two important parts missing.

    (Spoilers, I ended up with Joplin even though I'm not super thrilled about it, but I just wanted a solution dangit)

  • @[email protected] I'll be following this thread because I'd like something not locked in to a large company... but one of my requirements is it needs to be usable by a non technical person (I use Markdown files for myself).

    In the past I used:

    • Evernote but this had problems syncing changes when my gf and I edited the same note (huge deal breaker)
    • OneNote but this was replaced by Loop, I don't like that it's MS and it force-opens links in Edge but for now it's the least worse option I've found.

  • Next up is #Obsidian, a tool I'm hesitant to consider because of the developers' view on open source. Hence, the source is not available except the obfuscated JavaScript that's ran by Electron.

    Despite that, Obsidian itself only does a version check (which can be disabled) and starts in "restricted mode" by default, which disallows third-party plugins (but does still embed external content when asked to.)

    There's some phoning home by Chrome but far less than with Logseq.

    Color me surprised.

    The program defaults to "restricted mode." "Would you like to exit Restricted Mode to enable community plugins? We strongly recommend making backups of your data before doing so."

    • Candidate number 3, #Anytype, is a whole different beast conceptually. More than a Markdown editor, it's a database consisting of all kinds of document "objects" and templates (Notion-like, I'm told)

      I don't have enough characters (500 is the limit on this instance...) to describe my surprise and disappointment about the difference between how they present themselves versus reality, so this will be multiple posts.

      The attached pictures are a collage of my expectations for Anytype.

      1/n

      On the left: "Enjoy true privacy" On the right: "Nobody can see what's in your vault, except for you Local, on-device encryption. Only you have encryption keys"
      image/png

      • Reality: everything you do in the program is being tracked and there is *no opt-out*.

        The program records all your actions and sends them every few minutes to Amplitude, a commercial analytics company.

        Deep down in the documentation this is mentioned, but there is no consent or even a mention in the program itself or in the privacy policy.

        It also communicates constantly with a few AWS EC2 instances, presumably the IPFS nodes it uses to backup your (encrypted) vault of documents.

        2/n

    • @[email protected] Huge fan of opensourse, but I do use Obsidian as my main notes tool these days. It's so pretty, just works, and while the core tooling isn't open, I have peace of mind that I can leave any time and move to any other text/markdown based tool.

      That's a big win over other polished note-taking tools like Evernote, for instance.

      I'd love to see open tools like Joplin get to the level of visual appeal Obsidian has.

      • @[email protected] That's definitely a big plus for Obsidian (and the current version of Logseq.)

        Anytype hides everything away in a database blob that can be somewhat exported, but when doing it in Markdown format the "relation" metadata (think Dataview) is lost, where with Obsidian Dataview's metadata is just there in the Markdown.

        Despite the misgivings I had about Obsidian it's looking like a very good option indeed.

    • When installing plugins all bets are off.

      Loading dependencies from CDNs, doing their own version checks, or showing a YouTube video on install, the most popular Obsidian plugin (Excalidraw) does it all without asking.

    • Funnily enough, when it comes to code by other people the developers do see the value of open source.

    • @[email protected] I use Obsidian fairly regularly. The advantage is that your data's all markdown files on your own disk. If Obsidian for some reason becomes sketchy (which I doubt will happen), I can move on to another app.

      The plugins are great and is probably what drives Obsidian for the most part if you wanted more than just a note taking app.

      • @trinsec Plain-files-on-disk is certainly is a big advantage compared to Anytype (and possibly the next version of Logseq), where everything is stored in a database blob.

        Anytype "objects" are exportable as Markdown (but with loss of metadata) or as a Protobuf-parseable packet but I didn't find any CLI tool to do that in an automated way. So something I need to consider in my choice.

        I'm pleasantly surprised by Obsidian so far, just need to keep an eye on the background activity of plugins.

  • Even when turning "Send usage data" off, Sentry is being contacted each time I switch to another note, until I restart the program.

    Not the hugest deal but it suggests to me that privacy is not what has the highest priority at this VC-backed company.

    https://blog.logseq.com/logseq-raises-4-1m-to-accelerate-growth-of-the-new-world-knowledge-graph/

31 comments