“DEVONthink” and Security

The news cycle today has looped back to security and privacy concerns about how our data is held, managed, and monetized by others. This phenomenon has gone by the innocuous label of “big data,” and also by the somewhat more economically honest term of “data mining,” but I think Dr. Shoshana Zuboff (Harvard Business School) has put it best by calling it “surveillance capitalism,” which she explains as a “new form of information capitalism [that] aims to predict and modify human behavior as a means to produce revenue and market control.” In my opinion, the current scandal can probably best be understood as one of the (entirely predictable) perils of unbridled surveillance capitalism.

While most reporters this time around are headed down rabbit holes searching for the proximate cause of this particular scandal (how the data got from Facebook to Cambridge Analytica), it looks like the more troubling systemic problem of surveillance capitalism will largely escape serious scrutiny. Alas! I can’t offer a solution to this sad state of affairs. I’ve been bothered by it for a while. But, you don’t have to give up on the cloud (other folks holding our data in their servers) just yet. I can suggest at least one app that will enable you to take advantage of all the benefits that the cloud has to offer without giving up your security or privacy: DEVONthink.


I’ve written before in praise of DEVONthink’s mobile app (a kind of “personal information manager,” or PIM), but since then it’s only gotten more secure, and you might want to take another look at it if you haven’t already moved all of your notes and other data into it. Of course, it isn’t free. But then again, not very many useful apps are. Facebook and others like it may look “free,” but that’s only because you are the product, and you pay for the convenience of the app by handing over your data to someone else.

Here are some of the questions I ask about apps:

  • Is there zero-knowledge encryption (only I have access)?
  • Is my data encrypted at rest in the cloud?
  • Is my data encrypted during a sync?
  • Is there a passcode lock on mobile devices?
  • Can you sync without using the cloud?

For DEVONthink, the answer to all of these questions is “yes.” I’ve never come across another PIM with equivalent security.

Security Feature Comparisons

Apple Notes, Evernote, OneNote, and Simplenote are all great apps, but in terms of security, none of them even come close to matching DEVONthink.

With all of the apps on the list above, everything you put onto the cloud is kept unencrypted at rest (on someone else’s servers), unless you specifically indicate you want something encrypted. Then, when you do want to encrypt something, you can only encrypt notebook sections in OneNote, individual notes in Apple Notes, or text passages in Evernote. In contrast, DEVONthink To Go uses 256-bit AES encryption for the entire database when data is synced and when it is at rest in the cloud (Dropbox is a convenient service for this). Not only that, unlike every other app, the content of the encrypted data (everything) is still searchable, so there is absolutely no loss of functionality when you encrypt everything. In fact, after you set up the app, the encryption just happens, and requires no effort on your part. You won’t even know it is there.

What if you are extremely wary of the cloud and the Internet in general, you don’t want to have anything to do with it, but you still want your data available on all of your devices? OK. Just use DEVONthink’s WiFi, Bluetooth, or ad-hoc sync features that work without the Internet, just like we used to sync back in the Dark Ages of the ’90s (except it is fast and works).

Too Good To Be True?

How did DEVONthink (a company with only a handful of employees) achieve this miracle? I don’t know the technical details, I’m afraid, but as far as the business model goes, I think it’s simple: they went old school. You pay once for the app (no subscription scheme), they deliver the app (with regular updates), and that’s it — there is no data collection or data mining. Instead of calling it “free” and making you the product, they charge a reasonable price, make the product the product, and leave you alone.