

Vesper 2.0 and Vesper Sync - _pius
http://vesperapp.co/blog/vesper-2-0-and-vesper-sync/

======
tptacek
I admire the clarity of Gruber's writing, and I'm very happy that Vesper is
honest about their capabilities w/r/t decrypting notes stored on their
server, but "salted and hashed" was an unforced error.

My guess, knowing how smart the people behind the code for this app are, is
that they're not actually using "salted hashes" to store passwords, but an
actual password hash (like bcrypt). Either way: the announcement would be
better if it said which one they used.

"Salted hashes" have been obsoleted, and are quickly attackable.

It is possible to build an app like Vesper and _not_ have it be
straightforward to be compelled by the authorities to build surveillance into
it; with native clients as the only clients, some straightforward cryptography
would get them there. I'd hope they'd at some point be interested in talking
to cryptographers about how to do that right. But like I said, in the absence
of sound cryptography, candor is a _great_ substitute.

There's no OS X app for this yet, is there? I'd use it for personal stuff if
there was.

~~~
jgruber
We hash the password using pbkdf2. The actual code looks like this:

crypto.pbkdf2(text, salt, ITERATIONS, BYTES, function...

ITERATIONS is 1000, and BYTES is 32.

Our code is descended from the code on this page:
[http://www.thejoyofcode.com/Exploring_custom_identity_in_Mob...](http://www.thejoyofcode.com/Exploring_custom_identity_in_Mobile_Services_Day_12_.aspx)

~~~
zaroth
Note, if your crypto.pbkdf2() is using SHA1 underneath, then 1,000 iterations
of SHA1 is very little computation for a GPU, which can do billions of SHA1
per second.

Also, asking for 32 bytes from PBKDF2-HMAC-SHA1 has some bad side-effects,
particularly if you are splitting up the result. (1Password got bitten by
this, and wrote up the issue here:
[http://blog.agilebits.com/wp-content/uploads/2013/07/playing...](http://blog.agilebits.com/wp-content/uploads/2013/07/playing-defense.pdf))

~~~
tptacek
If by "bitten by this" you mean "had their security reduced by 1 bit", then
sure.

~~~
zaroth
I remember it feeling like a bigger deal reading about it at the time, but as
you say, you're just throwing away half of the stretching, reducing attack
cost by half.

------
kackontent
> We’ve tried to make it as easy and simple as possible to use. Here’s how it
> works. First, you create a Vesper Sync account using an email address and a
> password. Then, your Vesper data — the text of your notes, your image
> attachments, your tags, everything — syncs to our cloud service. Sign in
> using the same account on another device, and your Vesper data will appear
> on that device.

> That’s it.

I don't get why it's mentioned as something special - isn't it how it usually
works? Dropbox, OneNote, OneDrive, Google Drive, anything? You create an
account, sign in, bam, you have your data synced.

------
atmosx
> Though it’s theoretically possible for Q Branch to read the decrypted note
> text or view image data, we don’t have a mechanism in place to do that, and
> we won’t create a mechanism unless legally ordered.

So you can't protect data from US organizations. That's the reason I ditched
Dropbox; I don't see any reason to adopt another solution which is less
supported by third parties and has the same flaws.

Any non-US citizen using US-based companies for online data storage should
think twice before adopting any solution which is not in the EU or, even better,
in his own country.

------
malvim
Genuinely interested in why you guys decided to roll your own cloud sync
service instead of using something like dropbox or the like.

I recently started using YNAB (youneedabudget.com) for OSX and iPhone, and one
of the things I liked the most is how they used dropbox to sync flawlessly
between devices.

It's probably hard enough doing sync right even with the help of dropbox API,
but it just seems to me that rolling your own makes it two problems instead of
one.

Care to share your reasoning? Thanks!

~~~
jgruber
As the other posters have remarked, Brent's sync diary provides some of the
concrete technical reasons why we rolled our own.

Big picture, though, we consider sync so essential to Vesper's long-term
success that we wanted to control it. Dropbox is fantastic. We all rely on it
personally. But we don't want Vesper to rely on it. I'm sure everyone here on
Hacker News has a Dropbox account, and I'll bet most Daring Fireball readers
do too. But we want Vesper to appeal to everyone, including people who don't
know what Dropbox is or don't want it. (Plus, Dropbox doesn't work exactly the
way we want it to work; we have code running on our servers, not just data
stored on them. Vesper Sync works exactly the way we want sync to work.)

iCloud is very tempting too, because it puts all the onus of identity,
privacy, and security on Apple's shoulders. But with iCloud, you have to
choose between document syncing and Core Data -- neither of which is a perfect
fit for the way Vesper is designed.

Lastly, we want to keep the door open for a web app version of Vesper, and a
non-Mac App Store version for OS X. iCloud, by design, only works for apps
distributed through the App Store.

We wanted to offer one and only one good way to sync. That meant rolling our
own.

~~~
Holbein
In other words, you agree that iCloud's attempt at vendor lock-in is bad for
developers and consumers alike.

~~~
jgruber
Not at all. I would only argue that iCloud is not a good fit for all apps, and
Vesper is one of them.

------
ghshephard
It's not _quite_ a Canary, but the privacy policy has the line, "it's
theoretically possible for Q Branch to read the decrypted note text or view
image data, we don't have a mechanism in place to do that."

Presumably, that line will disappear if they create such a mechanism.

I'm super, super excited about the Vesper update, and can't wait for the OS X
app to roll out. I use Vesper as my sole note-taking app on my iPhone - it
really is elegant, easy to use, and requires very little cognitive overhead to
hop into.

On my laptop, it's all Evernote, but, as much as I use it (2-3 hours a day,
all meetings) - I've never really loved it. It's got a lot of crud, and
upselling stuff that overwhelms me when I'm trying to just enter a new set of
meeting notes.

Love the way the Vesper team does stuff slowly, deliberately, and beautifully.
If only all software was crafted with that much deliberation. Artisanal
Software.

------
jwr
Are there any Vesper users that also used Simplenote?

I'd be curious to know if there is anything significantly better about Vesper,
compared to Simplenote. I realize Vesper lets you add photos (cool) — are
there other differences?

~~~
leejoramo
I primarily use Simplenote on my iPhone because it syncs with altNV on my Mac.
altNV is my primary note taking tool. I have tried various combinations of
replacements for both of these apps, but keep coming back to this combination.

I really love the Vesper interface. I find it much easier to use on the iPhone
than any other note-taking app. I also find the implementation of the tagging
feature to be very easy to use to organize notes and to create workflows. If
I only needed notes on my iPhone, I would choose Vesper.

I could see myself moving to Vesper if the OS X version lives up to the same
UI standards as iOS, embraces the keyboard, and has a good export/import
story.

~~~
jwr
Thanks for all the answers. As a heavy Simplenote/nvALT user, this tells me I
should wait until Vesper has apps on all platforms I use (iPhone, iPad, Mac)
and reevaluate then. For the moment, I'll stay with Simplenote, but keep
watching.

------
LukeB_UK
I have no idea what Vesper is and after looking at the website, I still have
no idea.

~~~
jgruber
Vesper is a simple, elegant notes app for the iPhone.

~~~
jicea
Strange that there is no "Rate this app" popup in the app...

~~~
lcnmrn
It gets better ratings this way, but fewer people write reviews.

~~~
jicea
I know! I was genuinely being ironic, because John Gruber is well known for
hating this kind of alert view in iOS apps!

------
supercoder
Interesting timing with WWDC coming up.

Possible that Apple has been listening and will present something new to make
all these custom jobs redundant.

I'm hoping they do. As a developer who also has rolled a few custom sync
solutions to avoid iCloud, we'd all be better off if the OS handled the dirty
work properly.

------
comex
Is there a way to export notes from the sync server to an open format?

I don't currently use Vesper, but lack of such functionality would be a
dealbreaker for me.

~~~
jgruber
There is not, but it is on our list. We will get to it eventually, but it
didn't make the cut for 2.0.

