I understand that some of you consider losing web access an acceptable trade-off, but for us, it’s not. The web version is currently our most requested feature, and we’ve put significant effort into bringing it to where it is today. Moving data into ADP-encrypted fields would make it impossible for us to query, even for users who don’t have ADP enabled.
Let me say this again: we are not outright rejecting ADP. Instead, we are actively experimenting with the web version and the data it relies on to see if we can make them work together.
I also respect that you have your interpretation of our decisions, and that’s fine. Bear is a heavily opinionated app by design, and we’re committed to keeping it that way. While we work closely with our community, the choices we make ultimately reflect our vision for the app.
Hey - just popping in to say thank you once again for looking into ADP at all. When it comes to privacy (and writing down personal thoughts) anyone can get reasonably heated up - but please don’t feel discouraged by that
I like the idea of not using ADP but instead using the encryption you already had made for this app! Only, you expand it and rework it, so that it covers the whole database, and locking notes is just to password protect them and hide the contents, but all notes are encrypted. Apple’s decision in the UK with ADP is pretty silly.
I registered to this forum for the sole purpose of commenting that I want to use Bear again but I will not do so until E2E is fully activated. Just wanted to bring my voice to what seems to be a wanted feature by the Vox populi
The UK is the first government to demand access, I guarantee you it won’t be the last. One day it might be your government demanding access from Apple.
I’m a UK citizen, looking to become a digital nomad.
Setting the feasibility of this aside - I also think E2EE for the entire database would be.. Incredible. It might* even work for Bear Web, turning Bear into a web-based E2EE app. For reference, an app that does this is Standard Notes (although Bear is in a completely different league UX-wise).
I love the Proton ecosystem but let’s face it, Standard Notes is far below Bear functionality-wise. Yet I’m still using Standard Notes because E2E is more important to me than what Bear brings otherwise.
@matteo I did have a quick question regarding your current encryption model — how is metadata handled? When we lock a note with a password (effectively encrypting it) does metadata such as note title, creation date, edit times, location, etc. get stored anywhere or is that all encrypted as well?
The current model encrypts sensitive data (text, files, filenames, file sizes, and search text) while keeping essential metadata unencrypted to ensure the app functions properly:
• Note title: Allows differentiation between multiple encrypted notes
• Modification date: Enables sorting in the notes list
• Flags (e.g., “pinned,” “archived,” “trashed,” “tags”): Ensure notes appear in the correct locations
I’ll share this as a separate update in the forum, but we have an internal version of Bear that supports ADP!
I gotcha, that makes sense. So if metadata got encrypted we probably couldn’t use the search function and stuff right?
And what?! Nice! I’m really happy to hear that! Hey — sorry if I ever came off rude about this whole ADP thing, it’s just something I, and others, are pretty passionate about. I’m super stoked to hear this!
Correct! A lot of features (search, organization, quick open, backlinks, etc.) wouldn’t work, making those notes practically unusable in the app.
Each time we update the data model, we review the encryption layer to see what’s possible. ADP is now achievable because we’ve adjusted how certain features use and query the data.
Yeah, that’s of course an issue. But I still give it to the devs for at least implementing it. If the same thing that happened in UK, happens in the US — well I’m just going to live in the woods.
