Good to see! Standard Notes recently completed security audits for cryptography (Trail of Bits) and penetration testing (Cure53).
@andreas my bad. I checked it again and you’re right. I’m thinking of bitwarden. The blue accent of their brands made my wires crossed. Speaking of passwords: I would like to use bitwarden but due to their use of google analytics, is there a suitable alternative? What do you think of https://buttercup.pw/ buttercup?
@Privatepower42 I think Bitwarden used to use GA but now doesn't (found this PR removing it from the mobile apps: https://github.com/bitwarden/mobile/pull/55). It also doesn't look like their web app (https://vault.bitwarden.com) uses GA 🤔
Buttercup looks really nice actually, thanks for sharing. What gives me pause is it hasn't undergone a formal security audit like Bitwarden has (https://bitwarden.com/help/article/is-bitwarden-audited/#third-party-security-audits) but maybe this is on their roadmap (hopefully)..
@Privatepower42 huh, it does appear that the web app uses GA (I'm assuming server-side since no connection to GA is made client side 🤔):
"I will be adding an opt out flag soon for the browser and mobile products, but won't be here for the web project. If you are worried about google analytics on the web you can always use a nice extension like ghostery." - https://github.com/bitwarden/web/issues/10#issuecomment-253500433
@Privatepower42 Correction, Bitwarden doesn't use GA anymore.
"Essentially Angularlytics has now been "black holed". There is nothing in the apps that is connected to or makes calls to Google Analytics. You could verify this by monitoring your network tab in the browser's dev tools."
@andreas thank you for clarifying. Bitwarden needs to update their policy to not have this confusion. On another note. I sent you a friend request. Your content is good.
Personal instance of nitrohorse (nitrohorse.com).