And since I'm not making an account now, I can't delete my submitted information. Should I expect newsletters or spam now?
And I hate companies that take this insane approach.
> At this time, Consol supports encryption only of certain content types, viz. notes, code blocks, and images, for users who have subscribed to the E2EE component. The other content types available in Consol are not yet encryptable.
> Notably, Consol E2EE does not yet support encryption of the titles of any content types. For example, if you create a Consol note and encrypt it, the text you add to the note’s body will be encrypted but its title will not be encrypted. For now, you should operate accordingly. We plan to improve this in the future.
> You acknowledge that if you encrypt an item after you create and add content to it, there may be a period of time in which your item’s body content is not encrypted while being stored in our database. To ensure the greatest security currently available in Consol’s system, you should, where possible, encrypt an item in its pageview before you begin adding content to it. It is better practice in Consol to encrypt an item first and only then begin work by adding content.
> This means that for certain content types that require creation and upload before the pageview is visible, such as uploadable or linkable images, Consol does not yet provide a way to encrypt such body data beforehand. You acknowledge and consent to the attendant risk that you must manually designate certain content for encryption after it has been uploaded.
I don't appreciate having to dig through your FAQ to find the holes and caveats. There is literally no technical reason for this.
If you are going to make security promises like this you need to:
1) Actually have them implemented.
2) Have them secure by default.
So.... the data goes across the wire in clear-text, and is encrypted later? Ummm, sorry, no.
First off, I'm not interested in anything that stores data that I might want to encrypt "in the cloud". It goes on my own server. Full. Stop. And sending data across the wire in the clear and encrypting later? ? I mean.... ???
As I understand it, the app uses SSL, so data is always sent over a (presumed) safe transport. I do agree that in order to meaningfully differentiate from the Google/Microsoft/Dropbox/OtherCloudFirm CanHasAllYourDataPlease-model encryption needs to happen 1) on the client 2) by default 3) For everything (including meta-data like filenames 4) should probably not be possible to turn off
Either way, I find it interesting that someone is trying to do at least some things right. It'll never be secure as a hosted solution (presumably they can (be ordered to)) backdoor the client at any time - see Lavabit) -- so I'm not sure I see the point (secure, but not actually secure?). Maybe release it under AGPL and offer a hosted version in order to a) have the client(s) be open and b) offer a solution to those that want to make the trade-off?
It would still be miles better than storing data with a provider that openly says they datamine everything.
But that is just my reading of it, maybe the dev can correct me.
Looking forward to trying this out!
Edit: You guys might want to be a bit more clear that you're requiring a credit card to signup for beta access, even if you're not charging for 30 days.
The caveats surrounding E2E capabilities as listed fweespeech are concerning. Security should be enabled out the box if that's a key selling point.
I think I could definitely be a user of this app as I am searching for a similar solution.
Also, you say in your video you can save code, does it include syntax highlighting ?
Can you have a shared "library" of stuff with other people ?
Edit: Can you pay for instance 1 year in advance and not leave your CC details on the server ?
I always prefer to renew manually than leaving ma credit card details all over the place.
2. The code does include Syntax highlighting
3. A Shared "Library" is something we are actively working on delpoying. It's very very high on our roadmap.
4. Stripe handles the CC, so we don't store it. That may not answer your question, but I know that's true. We are also working on longer subscription pricing. Expect that very soon.
Please, keep updating it like you already did to track what you released !
https://www.consol.io/top-10-missing-features-you-need-in-co...
- (not a native speaker) but the english-text in the video seems weird: „much tools“, „very hassle“.
- the landing page is too bloated in my eyes (colors, text), really hard to get a quick grasp of what it is about
Good luck!!
EDIT: - text-color on the signup form is black with a black background. Not sure if intended? Nearly impossible to read what I type. (FF 44.0.2)
This is a play on doge speak[0]
[0]: http://the-toast.net/2014/02/06/linguist-explains-grammar-do...
* Is it open source? (My assumption by skimming through the ToS is no, but I still haven't found a definitive answer.)
* Does it work on Linux? Or is it web-based maybe? How about Android?
* Is it going to be free? If not, what's the price of it?
How get.
The fact that HN isnt an option on "how did you hear about consul" is an oversight
gw devs / nice turnover / etc etc
The actual app looks really cluttered (with multiple left hand panes for navigation). The "beautiful" statement seems more directed at the rainbow UI, which seems more distracting than anything else.
So what are your killer features?
0. All this stuff
1. E2E encryption
2. Cloud sync (presumably I could just store the DB on Dropbox)
3. Ad-hoc organization via hashtags
Consol is very very slick. It's definitely a UI for "power-users" /s and I would prefer this over my current productivity stack, which is just gMail, gCalendar, gTasks, etc. It's much more streamlined and very well thought out. But I can't afford to be locked into these tools, especially not for 9 bucks a month. Consol really is just a reimplementation of many of google's tools, with tighter integration and less baggage.
I'd be jazzed if my boss bought a license for the whole company, instead of a company google account. But until that happens, Consol will be, IMHO, a very shiny ghetto. Because of the break with traditional tools, it will be hard to build a user base because of a reverse network effect- I can't use Consol effectively until other user's signup as well. IMHO that hurdle can only be cleared by signing up whole teams, not individual users.
I would recommend tighter integration with existing services but that does not seem to be compatible with end-to-end encryption. Perhaps it would be helpful to introduce a migration tool for acclimating new users.
TL;DR A nice tool IFF you whole team migrates at once and you can make a clean break with the past.
I don't love the onboarding (too many barriers to getting started) but you guys seem like smart guys. I'm sure there's a reason for it and/or you'll figure it out.
Good luck!