End-to-end encryption in Bear (With Advanced Data Protection)

Unfortunately I need to bail on Bear for Notes until E2EE via ADP comes along. I’m just one customer but alas.

3 Likes

I’ve decided to slowly move over to Agenda over this. Agenda is simple enough and supports nearly the same things as Bear while also giving me the option to sync everything E2E. It’s a bit more expensive but since it’s my note taking app we’re talking about, I’m okay with paying more to keep myself safe. Just like many others here, my notes contain the most sensitive information I have and I can’t risk them being unencrypted with my own keys.

3 Likes

After long being a Bear advocate, I too am considering switching. As others have said, this is not a secondary matter - especially considering the recent turn in US politics.

4 Likes

I really want to like Agenda, but the whole “every project is a long list of notes you need to scroll through” thing is tough. How do you manage organizing content? e.g. Let’s say I have a “Recipes” category – scrolling through every recipe to get to the one I want (when I don’t want to use search) was a dealbreaker in the past. :wink:

4 Likes

The way notes are organized in Agenda is totally different than in Bear and I think that’s a feature. The whole point of Agenda is that your notes are a timeline. I personally wouldn’t use Agenda for recipes, though. I would stick to Bear/Apple Notes for that or use a dedicated recipe manager like Mela instead. Obviously, it would be best to have it all in one app, but we can’t have it all, unfortunately.

What does the turn in US politics have to do with this topic?

I should imagine they’re alluding to concerns that Trump et al. will force companies like Apple, Microsoft, Google etc. to hand over their keys to allow government access to private individuals’ notes.

I’m not in the US and have no axe to grind with Herr Trump, but this is my understanding.

1 Like

Ok, got it. It won’t happen. Trump’s previous administration is the only one that was publicized to have asked for this, but it’s not the only administration to do so. I believe the system will prevent this from happening…

3 Likes

Is the main concern in this thread encryption between the device and the server? Or encryption where the data is actually stored?

I read the comments, and it seems the concern is the government making Apple (or whichever company) hand over the encryption key, enabling them to have access to people’s individual notes.

Is that the concern? If so, are there any cloud providers that could not happen to?

Asking a question on which I’m not 100% versed. Is there any reason NOT to enable Apple’s Advanced Data Protection? I mean is there a downside to enabling it?

The concern is the lack of end-to-end encryption, which is neither encryption where stored nor in transmission. We know that the transmission is encrypted. And we know that the storage is encrypted.

The issue is WHO can decrypt it. Without end-to-end encryption, the data stored on Apple’s servers can be decrypted by 2 parties:

  1. You
  2. Apple

With end-to-end encryption enabled, only you can decrypt the data.

I have a ton of notes with enough personal information in them, that I could not store them outside an end-to-end encrypted environment.

Lack of end-to-end encryption is a deal breaker for me, and I will need to move onto another app.

Here is a summary of what I have gathered:

  1. End-to-end encryption is available for CloudKit syncing, but it requires that all users be on macOS 12.1 or newer. There is a significant portion of users that are on macOS versions older than that, so Bear is unwilling to enable it.
  2. Some apps offer the ability to turn on E2EE in their preferences. Bear does not seem to want to go that route.
  3. If you lock a note, that note is now E2EE. But there is no way to lock ALL notes. According to Bear, this causes a serious performance degradation.

Those of us that require E2EE are stuck between a rock and a hard place now.

But, it is what it is. The Bear developers have made their decision and they need to do what’s best for their business. And I need to do what’s best for my data.

It would be nice to know where E2EE is on the roadmap. Is it a version 3 feature? Is it a never going to happen feature?

5 Likes

It has to do: nothing!

Thank you so much for the explanation. Are there any “notes” programs out there worth looking at with that capability?

I don’t think I should mention any of Bear’s competitors on their forums. Just do an Internet search on end-to-end encrypted notes apps for Mac and I’m sure something will come up.

Precisely. There is, unfortunately, no getting away from US politics even for us in other parts of the world.

2 Likes

Let’s not give up on Bear just yet. Developers, change your tune! We need E2EE, as an option at least.

1 Like

Hi everyone,

Let’s talk about Apple’s Advanced Data Protection (AADP) and where we stand on implementing it:

Currently, enabling AADP isn’t as simple as flipping a switch. Apple does not allow existing data fields on the CloudKit server to be retroactively marked as encryptable. To make it work, we would need to duplicate every field in the CloudKit database, re-upload all your data into these new fields, and ensure that all versions of the app remain compatible and can still sync properly.

This process would require an enormous amount of effort and is far from straightforward. It could introduce new bugs into the sync system, potentially causing issues for many users while offering little immediate benefit to most.

That said, we are planning to support AADP in the future. We’re currently working on changes to our database structure and how we store notes, but we don’t have any updates to share just yet.

In the meantime, if end-to-end encryption (E2EE) is a top priority for you, Bear already provides custom encryption tools. This ensures that your notes remain secure and unreadable to anyone—Apple included—without your encryption password.

As a side note, we’re also working on enhancing our custom encryption to support notes with attachments. This will be a major focus for the next big release of Bear, and we’re excited to bring you this improvement.

Thank you for your understanding and support!

17 Likes
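
The field duplication described in the post above, sketched as an added example that is not part of the original post and is not Bear's code. It uses CloudKit's `CKRecord.encryptedValues`; the field names, the schema version number and the rule that the legacy value wins on conflict are assumptions made for illustration.

```swift
import CloudKit

// Hypothetical field names: Bear's actual CloudKit schema is not shown in this thread.
enum NoteField {
    static let legacyText = "text"              // existing field, readable server-side
    static let encryptedText = "textEncrypted"  // new field, only ever set via encryptedValues
    static let schemaVersion = "schemaVersion"
}

enum MigrationResult { case migrated, alreadyMigrated, nothingToMigrate }

/// Copies a note body from the existing field into a new encrypted field.
/// The caller still has to re-upload the record (e.g. with CKModifyRecordsOperation).
///
/// keepLegacyCopy: leave the plaintext field populated so app versions that only
/// know the old field keep syncing. While it is true, the note is still readable
/// server-side, so the migration is only complete once it is saved with false.
func migrateNote(_ record: CKRecord, keepLegacyCopy: Bool) -> MigrationResult {
    let legacy = record[NoteField.legacyText] as? String
    let encrypted = record.encryptedValues[NoteField.encryptedText] as? String

    switch (legacy, encrypted) {
    case (nil, nil):
        return .nothingToMigrate
    case (nil, _?):
        return .alreadyMigrated
    case (let text?, nil):
        // First pass: duplicate the value into the encrypted field.
        record.encryptedValues[NoteField.encryptedText] = text
    case (let text?, let copy?):
        // Both populated: an older client may have edited the legacy field since
        // the last pass. Assumption: the legacy value is treated as the newer one.
        if text != copy {
            record.encryptedValues[NoteField.encryptedText] = text
        }
    }

    if !keepLegacyCopy {
        record[NoteField.legacyText] = nil   // remove the server-readable copy
    }
    record[NoteField.schemaVersion] = 2      // assumed marker for the new layout
    return .migrated
}
```

The `keepLegacyCopy` flag is where the compatibility cost shows up: as long as older clients must read the original field, a server-readable copy of the note remains alongside the encrypted one.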

I agree. I should not have asked that question.

Thank you for giving Bear all of the attention to detail that you do. You probably don’t get all of the credit that you deserve.

You folks are a top notch group.

Thank you.

Dang, I really love Bear and I was under the impression that Bear does have E2EE but as I’m reading these comments, I might have to (unfortunately) move over somewhere else. I just can’t believe that in today’s age, with an app as popular as this, that this hasn’t been implemented yet. Screw my feature request for the Everforest theme, E2EE is definitely number one priority.

I absolutely love Bear and do a lot of writing in it. But yeah, not having true E2EE is kinda wild to me.

5 Likes

Too late!