> Is there an easy way to build, or a startup that offers, something that will email you once a day asking "What's happening?" and then accumulate the replies?
I did just that! Let me know what you think.
> Unfortunately, though, in this one case I can't promise that if you build it, I'll use it. Unless I know you, I can't trust that you won't read my emails. (I trusted the previous startup that did it because we'd funded them.)
How do you solve the "won't read my emails" problem ?
I've seen the statement in your website:
> Your data stored and transferred securely. No one will ever read or process your notes even the staff. Your data belongs to you and can be easily exported in preferable format by request.
But once the data leaves the browser there is no way to know, wouldn't you consider to partner with Gmail(or others) and appear as an addon to an already trusted company in order to start off the business ?
99% of the people who tell you they wouldn’t use the product unless it can’t read your email wouldn’t actually use it regardless, and are just asking for things they don’t really have any intention of using.
edit: I just wanted to add I think it's kind of a dick move on pg's part to ask someone to build this when there are like four different versions that already exist. If you like those products then you should promote them, and if you don't like them then you should email the creators with feedback. Asking folks to build additional competing products without doing that first is poor form, as is asking people to build stuff that you don't actually care enough about to Google to see if it already exists. I don't mean to pick on pg specifically, I just see this kind of behavior on Twitter (and HN) all the time, often from startup investors, and I think it deserves to be called out.
Separate the wheat from the chaff.
That probably doesn't work for physical products.
If not, what happens if someone else releases a superior product in the interim? Or my business needs change?
They'll get your business.
> Or my business needs change?
I didn't waste my time building you a feature you won't pay for.
Have the user generate a device-local SMIME certificate for <firstname.lastname@example.org>, register their certificate's public key with the server, have the server generate a mobileconfig that enforces SMIME when emailing anyone, and then in Mail.app change the From: address to <email@example.com> when emailing the diary address. iOS will remember that From change and use SMIME to encrypt all diary messages to the public key in your keychain (which the server can't decrypt), the server can reroute the incoming mail back to you using your private key, and your device-local key is the only one capable of decrypting.
Since you're using SMIME, you'll need to use IMAP for your data store, which provides perfect compatibility to any platform that can do SMIME key generation. I'm very curious if SMIME-encrypted emails can be used as encrypted Notes on iOS, now that Notes supports IMAP accounts :)
tl;dr: there exist ways to read your emails without knowing the private keys.
Diary site implementations will need to carefully evaluate whether this is relevant to them or to their users, who may well have been fine emailing plaintext to begin with (if you want an encrypted diary, you probably aren’t going to use email to write in it), before they assume that it’s a concern and begin testing email clients.
> But once the data leaves the browser there is no way to know, wouldn't you consider to partner with Gmail(or others) and appear as an addon to an already trusted company in order to start off the business ?
Also, I understand the concern and that Paul most likely will not trust their secrets to anyone. The problem is that's not a business, but a beautiful hobby project that I honestly love, so it's unlikely that I will ever spend time rewriting it and then paying Google $15K (https://www.gmass.co/blog/google-oauth-verification-security...) so they could vet me.
I respect if it's not what you're looking for but you may be able leverage yourself into a good position (with the community and with PG) as a result of the publicity + traction combo.
Great work getting that ball rolling so quickly!
As I read that, users must trust you. There's nothing that would actually prevent you from accessing the data.
So it's arguably misleading to call it a "private diary".
But none of that is relevant for "private diary". There, it's privacy between you and your diary.
But that's the problem, isn't it? I mean, many people do (sort of magically) think that their online stuff is private. And then they get pwned in one way or another.
Once for making this.
Second time for making it genuinely easy to use and setup myself.
unlike "Diary Email" your readme makes it very clear where the emails go, and since I'd host it I know no-one would read it.
Encrypt it before sending.
Isn't the point of a diary that nobody can read it but you? That's why they have locks on them.
If you want a diary that other people can read, that's called a blog.
More seriously, PGP is really hard. I think it has some potential for signing emails from your bank, Amazon, etc. but other than that ... it's just a pain. I'm not a crypto expert but a reasonably skilled IT professional, and even I struggle with it.
Create a filter that applies a "Journal" label to emails from your own address. Then create a filter to have it skip your inbox. Whenever you want to view your journal, just search for archived mail with that label.
Nobody but a handful of very vocal HN posters care about this. In the marketplace this isn’t a problem.
At the end of the day, you have to trust your data in somebody else’s hands. Unless your print your own circuit boards, make your own CPUs and write your own operating system, you cannot escape trusting a third party.
When my mother worked at the local government she (illegally, and unethically) accessed the file of a friend, and learned that a friend lied about the reason she's in a wheelchair, the real reason being somewhat embarrassing. She told all mutual friends about it too and caused big drama (she's a toxic person). This was over 20 years ago btw, privacy problems aren't new (just the scale of it has changed).
In the Netherlands we have a municipal database with data for all citizens. Civil servants legitimately access it in the course of their duties, but names for famous Dutch people have many more hits than regular ones. I think especially for high-profile(ish) people like Paul, it might be more of a concern than you or me.
I'm not paranoid about it, but I do think there's room for improvement.
true end-to-end encryption is the only way?
Just encrypt locally before sending.
Great design. Where'd you get your little illustrations?
Does this mean these companies are outsourcing their graphics, mock ups, etc.?
On the other hand "Used by X" can mean anything from "X uses us as a core part of their workflows" and "A small team at X uses this sometimes". So don't give it much weight.
For example, even though Salesforce obviously has a lot of talented programmers on the payroll, I wouldn't be at all surprised if the Dreamforce conference website is built by a separate firm.
Any feedback is appreciated!
e: Also, I used to use https://750words.com which is quite similar.
name+ideas@ for app ideas
name+notes@ for random notes
name+writing@ for article ideas
the plus syntax is part of the email address specification. any server that doesn't support it is by definition buggy because some mail won't work as expected or designed.
Many mail servers have a setting to configure which character to use; some default (or used to default?) to "-" instead of "+".
Edit: doesn't mean everyone will use it though! But guess the plus sign in addresses would be more "email" than just email.
So as long as you, the user and owner of an address, know that your domain supports/not supports it, you can use it.
I don't understand who would have to add any allow/blocklists?
I know someone who constantly complained that web site X or company Y are stupid, because they don't follow the RFCs, don't know the syntax of mail addresses, because mail validation in web forms often rejected anything with a plus sign.
The correct answer would have been "don't do it then" or maybe "how about configuring your Exim so that instead of '+' you're using '-' as a separator, but I suppose the complaining was a big part of the fun.
There's also a generational memory issue here, and I'm not aware of any C.S./C.E. programs that cover RFCs as part of the core curriculum.
(viz. not a gmail-specific feature)
Sometimes I don't even press "Send". Just keep pages of daily notes in the "Draft" folder ;)
It's super powerful, but uses few resources compared to vscode/intellij. Not to mention it can handle massive text files like a champ.
This whole 'email yourself as diary' seems like overkill to me when you could just write something yourself. Unless you are cool with sharing your diary with 3rd party services. Anyways it's still a cool little thing, just throwin my two cents.
Stats wouldn't be possible (of the top of my head) but I don't care about that much.
I've been using it since OhLife shut down and it completely fills the gap for me.
I recently modernized the code a bit, ported it from Mongo to Postgres and improved the selection of the random entry that is sent to you, but I haven't pushed those changes yet. They'll go out in the next week or so.
Also, for those of us who never used OhLife the readme doesn't really tell me what it does.
And yes, good point on the README not explaining what it does. Thank you. I'll fix that.
I've been continuing to use DailyDiary since.
I have an apps script that automatically adds a draft response to these prompts, which still starts with an "Oh Life, ...." salutation. The script also adds the day's weather report to the bottom of the draft. My todo list has an item to add top and random tracks from my scrobbled music listening for the day.
In the evening I fill in the body of the response with reflections from the day and off it goes.
Email only authentication would presumably outlive any provider.
I bought into the MyOpenID SSO excitement once, it worked pretty well until it went away. After that, back to email accounts, identity providers like Google/MS/Twitter don't end to know everytime you're logging into your app.
It’s as private as your email...which probably means not private.
Like most people, I depend on an advertising company to host my emails. But I wouldn’t share my private diary with them.
I'm assuming you're speaking to higher-level issues, such as privacy or security?
A good email client can also learn to automatically encrypt when you send to a specific email, so you can send to a specific alias (with a plus or subdomain aliasing scheme).
(Also, calling PGP "the best encryption there is" might be a bit of hyperbole.)
And the company's business model is absolutely irrelevant actually. You still need end to end encryption.
> "But then will your diary service work right with it?"
Yes, it's called an email archive. It's searchable too. All you need is an email client that supports PGP. I personally use Mailmate.
And I've got email going back to 2004, while I no longer use any apps or online services from 2004 (most died).
I know it's largely a one person experiment and not a real business, but some feedback
> I won't sell your data and will be very personal with you.
This isn't good enough anymore. You need to promise that my data won't ever _ever_ be sold. Especially since you're asking me to share my diary with you. I'm not sure if this kind of promise can be made though. Maybe we need some legal apparatus you can declare that gives me peace of mind that no future owner of your company can change their mind.
Although, a web service to share notes with friends is probably okay.
Well that's more of a journal. But yeah, a "diary" service can be used for less private stuff too.
Here're some facts that could help you to find peace of mind. First of all, I operate in the EU, so I can't simply sell your data. Also, it costs me virtually $0 to maintain the service (thanks to Firebase and Mailgun), so I won't be forced to sell out to keep it afloat. At last but not least I use it myself with my close friends so we're in the same boat.
Thousands of active users. Very (very) slowly enhancing and monetizing with additional features, but it's far down on my priority list.
I mean I get the trying to push a startup in a direction (so they can invest potentially) but somehow I don't think that is what is going on.
- I can start a train of thought on the mac, continue it on the phone and complete it on my mac.
- It's not mined by some advertising company, no subject to the viability of some business.
- Being so simple, the contents can be exported to some other format very easily.
- Works offline (only background sync requires connection).
- And search is near instant since everything is stored locally.
But you can actually do that with Shortcuts, which is build into the system.
1. Make a note with a title like “journal” or “daily log”
2. Open shortcuts, go to automations. Make a new one with a time of day trigger. (Or an alternate if you prefer)
3. Actions: “find all notes where” —> filter for notes name. “ask for input” —-> ask the question you want + put “current date” as default entry. “Append to note” —> use magic variables. Select ask for input as the text to append, and note as the note to append to. (Specifically, the note your filter found)
4. Duplicate this for as many times of day as you want to be asked
5. At the appropriate time, click the notification and enter text to log it. Also add a trailing newline for note formatting. If anyone knows how to automate this on shortcuts, let me know: newlines seem tricky and I haven’t figured it out.
This automates the asking, and also the timestamp. Thanks for posting your idea, it prompted me to setup alerts for 11:00 and 5:00 pm.
Edit: this doesn’t transfer bullets to notes. If anyone knows how to append bulleted text via shortcut, let me know.
I've done similar for reminders of things that I want to take measurement of in a simple way throughout a day. Like taking a childs temperature when they're sick and running a fever.
(leave blank line)
Buggy enough that I have to use something else for taking notes with iPad+Keyboard. I've found Bear to be pretty good but not better for my use-case than a less-buggy Notes would be.
Since "ubiquity" and "simplicity" are the two main selling points for standard Notes, this is proving to be pretty annoying: I sometimes write in Bear then copy-paste back into Notes.
Otherwise, I'm also a fan of how perfectly minimal and focused Notes is for journaling.
There are a few apps around that can do this in bulk. I have one called Notes Exporter. Apparently Note2Txt is also good: https://www.macsparky.com/blog/2016/5/exporting-apple-notes-...
I am a little worried that some day these tools will disappear, but iirc the notes are just kept in an sqlite database so it shouldn’t be too hard to hack your data out manually, either.
It prompts you in email not having to change applications. This is good for people who like inbox zero and are in their emails all day anyways.
I used it and loved it. It was cool while it lasted. Unfortunately it's just one more example for why I don't trust startups.
Also you probably don't need a service, personally I can just send email to yourself, PGP encrypted. The only bit that's missing is a periodic reminder, to which you can reply. But I can probably set that up as a cron job.
And an open source self-hostable one that was started right around the time ohlife shut down: https://github.com/einaregilsson/MyLife
> But I can probably set that up as a cron job
Almost every app could be replaced with email, a cron job or a spreadsheet ;-)
Many of us were not aware of privacy issues then, plus we were naive enough to think that the services we adopted would survive if cool enough.
I loved OhLife, but now 10 years later I wouldn't subscribe to a clone. Fool me once etc.
I wish you succeed though. It's a cool project and your landing page looks good.
Writing diary has been so much easier! (though probably will be hard to extend to people who don't know/like terminal editors, or command line itself)
I should point out that Penzu is not a completely free service. There is a basic free tier, and then there are paid plans with additional features.
Why not just write the e-mail in your current e-mail client and then store the draft in its own folder?
People have been doing that for centuries. They'd write a letter to themselves and then store it in a box somewhere instead of sending it.
Some people took it a step farther and would write the letter, and then burn it if they were angry. Very cathartic.
I use this for both regular "diary" sort of journaling as well as notes around what I was doing on a particular day. It's wildly useful keeping daily notes on things, for questions like "Hey, do you remember that bug we dealt with last year...?"
Congratulations, from a fellow hacker - what's it been, 2 days? That's really impressive speed, especially considering it's nice looking.
A lot of people would confidently assume they could knock this out in a couple of days no problem, but it'd actually take them a few weeks at minimum. I had a post on the front page a few weeks ago on the topic , perhaps you saw it - I could learn a lot from you :-)
Well, I'm still pretty excited for the OP at the right place right time nature of this. I mean, imagine browsing twitter and noticing that Paul Graham asks for someone to build the very product you're sitting on fully formed :-)
Kind of a perfect case study of the adage that you need to work really hard to prepare in order to be lucky!
It has a single notification per day which is directly actionable (Asks for your mood for the day).
Data is stored locally on the phone and can be backed up to your iCloud/Google Drive.
I have found this app to be more habit forming in terms of creating a micro-diary, rather than sitting down and jotting thoughts.
In the early 2000s, I had a setup where I could blog by either email or SMS. By default emails would become new posts. SMS would append to the latest entry, or I could create a new one with a keyword (NEWPOST title, I think).
This was a nice way to create and update travel journals before mobile internet and smartphones were widespread.
Please steal the idea if you like!
Maybe I'm not the target demographic for services like these but I would never trust my personal thoughts with a service like this.
I use jrnl.sh on mac, and I can easily have it in my documents folder and sync it up to iCloud. I also back it up to a few other places, and since it's encrypted, I don't worry too much about people being able to peek.
The format being very simple has made it easy to hack up python scripts which allowed me to bring all my old livejournal entries, medium entries, and wordpress entries together into one diary.
While I could have made a notes app, this allows my fiancée to look at it, comments on it, or make her own posts to give her thoughts too (though she hasn't used it).
I have thought about expanding it into a more general blog (technical or otherwise), I haven't gotten to that step yet.
Thinking about it, I could make a cron service on it to ask me "what's going on" with a link to make a new post as well, and make it optionally private (so only I or who I choose can see it).
My goal wasn't to create a 100% secure diary. If you need that, you probably should not store your data in the cloud. That's unlikely that I will ever try to make it happen. But even if I would, there're so many ways to screw it over anyway, so I won't ever try to make this promise.
However, I will consider open-sourcing it.
Also see my comment where I addressed the privacy issue: https://news.ycombinator.com/item?id=22045670
i cannot send emails from that email address and so it wont work for me.
While the initial email idea is tempting, it's nonsense from a security perspective especially with this use case.
A very related project, that focuses on being a "social network" through email: https://news.ycombinator.com/item?id=21853667
Edit: I'm getting errors with the login functionality. Please check it out.
You can write a lot on one page. And I wrote some bash functions to store the links when you close your browser, and then give you the option of opening one based on the title.
Little nitpick - try out your signup page on Firefox mobile and you will see a one character width input field for the email input box :)