How it works
We are a service, that will help you hide the most private data from being read by third parties when sharing it with one interlocutor. Instead of sharing your passwords, payment details, addresses and other confidential data in the clear in messengers, send your partner a link to the one-time note generated by this website.
After being first read, the note removes from our server and can't be recovered. So if your interlocutor is the first to view the note, nobody will be able to find out the note's content afterwards. Even if anybody reads a note before him, at least, it will be realized, when he won't be able to open the note.
Frequently asked questions
- Can website admins or hosting-providers view the notes content?
- Can any site scripts intercept the note's content when it is decrypted?
- What do you know about note, except for its content?
- Do you store ip-addresses of your visitors?
- What stats do you collect?
- How do you monetize this website? Will there be any ads?
No, all notes are been encrypted by client's browser before sending to our server. A random secret key is used to encrypt a note, which is also generated by the browser. This key is given to the reader in the link itself after the "#" symbol. It is used by his browser to encrypt the note's content received from our server.
No link symbols after "#" (and the key) are passed to the server. This link part is called an anchor and it is usually used by browser to navigate through the page.
Thereby, we don't process any data from the note, except for it's encrypted content, that can't be encrypted, as we don't know neither link nor secret key.
By the way, if you know how to see the browser's requests in the developer tools, you can go and see how the notes are encrypted, and what is sent to our server.
We don't associate neither note creater, nor its reader with the note itself. We believe, that our goal is to store as few of your data as possible.
There have been always lots of notes, which have never been read. Taking this into account, we decided to set the maximum storage period of every note. When this period expires, the note deletes, even if it wasn't read yet. To prevent fingerprinting we decided not to store the note's creation date. We store the expiration date and time instead, allowing our users to choose the expiration period (it can be foond in advanced options, when creating the note). By default, our notes are deleted 7 days after creation. Please note, that it's also the maximum time they can be stored.
Now every note has 4 fields in our database: its id, encrypted content, expiry date and a counter (also needed for decryption) . Here is the example note data from the database:
As we mentioned before, we try not to collect visitors' data. Ip-addresses are not the exception. So in our logs we record only ip-addresses hashes to distinguish different site visitors, which can be helpful, while we debug. These hashes are also used in our antispam systems.
We have only 2 counters: the amount of created notes and the amount of read ones. These counters help us to analyze, how active is our site used and sometimes even prevent the bot attack! We don't use any external analytics services, such as Google Analytics. The reason is revealed here.
At first, this site was created for private use. We made it not to earn money. We made it to protect our privacy. Of course, if our audience will be large enough, we will think of earning money. But we'll never use ads engines like Google, as it requires using their scripts on our site. As we are against using external code, the only way of showing ads on our site will be searching for advertisers by ourselves. But the best method of earning money, as we see it, is creating a donation system.