What Exactly Does "Shred" Mean?
Deleted, erased, scrubbed. Call it what you want, the difference between a "shredded" note and a "deleted" note is that
a reference is left to the old record when it's shredded so that people who try and access the note can see a "this note has been shredded" notice.
All sensitive information is deleted. All that remains is your email address for notification, the record ID and a timestamp.
I Created A Note, And Viewed It. It Didn't Shred
When you create a note, providing you are still logged in, it knows that you are the owner and therefore will not shred when you view the note or download the attachment. This gives you a chance to preview the note and ensure the attachment survived encryption process before sending the link out to your clients.
If you would like to test the shredding process, open the note link in another browser or simply log out and then view it again.
How Do I Know You're Not Reading My Notes?
Put simply, we can't. Your notes and attachments are encrypted using keys generated from your own note password. This means that every note has a unique encyption key. We don't have a master key, and once you create a note, only you or who ever you give the password to can unlock it.
The note contents are transferred to the server over an encrypted SSL connection. The contents are then immediately encrypted using your own password before being stored.
For the users who would prefer to encrypt the contents before sending to the server, you can use the client side encryption feature, which introduces a second layer of encryption with a key that is never sent to the server.
You can read more about NoteShred security here: Security
When Does It Shred?
When you create a new note, there are 2 different shred methods you can choose from.
This is the default and most secure option which allows your note to only be viewed one time. Once you create your note, you may only enter the password for the note one time before it will shred its self. Be careful not to refresh the page or click away before you can retreive the information as once it's gone, it's gone for good! If your note is not read within 1 week when set to "Shred After Reading" it will be automatically shredded and you will be notified by email. Notes with attachments that are set to "shred after reading" will be shredded immediately after the first download of the attachment.
This option allows you to configure a relative amount of time from now until the note is shredded. Relative time is expressed as 3 Hours From Now.
Simply put, if you want your note to have a life span of 5 days before being shredded, you can specify 5 Days From Now
What Exactly Is Encrypted?
The note contents and attachment are encrypted.
The email address and the note title are not encrypted.
Please be aware that you should never put sensitive information in the note title.
What Happens If Nobody Reads The Note?
All notes set to "Shred After Reading" have a 1 week lifespan. If nobody opens it within 1 week, it will be automatically shredded. You will receive the notification email as normal. The auto shred task runs once an hour on the hour. So if you set a note to shred after 1 hour, and you created the note at 1:45pm. It will be shredded at 3pm automatically if not read.
How Do I Get My Picture To Show In My Notes?
We use Gravatar to show avatars in notes. This is a free service, just sign up and account at gravatar using your email address and when you create a note using that same email address here at NoteShred, it will automatically add your picture from gravatar to the note. If we dont find any gravatar image associated with the email address on the note, we use the default "shreddy the robot" avatar.
Why Would I Not Use PGP?
You should. But PGP is not great for once off use. Would you be able to send a PGP encrypted email to your parents? Probably not. What about at 7pm on a Friday when the client needs a password before you leave, are you going to call them on the phone and walk them through a PGP setup, then explain the significance of public and private keys to them? I doubt it. This is where NoteShred makes your life easier.