Your notes are more personal than you think. Passwords, journal entries, medical info, business ideas, things you haven't told anyone. Most people dump all of this into Google Keep without a second thought.
People deserve to know what happens to their data — and what the alternative looks like.
Where Google Keep Stores Your Notes
Google Keep saves everything to Google's cloud servers. That's how it syncs across your phone, tablet, and browser. Convenient — but it comes with trade-offs:
- Google can access your notes. They hold the encryption keys to your data. Your notes aren't end-to-end encrypted — they're encrypted on Google's servers with keys Google manages.
- Your notes are tied to your Google account. If someone gets into your account — through a phishing attempt, a password breach, a compromised recovery email — they get your notes too.
- Law enforcement can request them. Google complies with valid legal data requests. Per their own transparency report, they receive hundreds of thousands of requests per year.
- Data breaches happen. No company is immune. Cloud storage means your data exists on servers you don't control, in data centers you'll never visit.
That's how cloud-based note apps work. Convenient — but the cost is control over your own data.
What "Encrypted" Actually Means
The word "encrypted" gets thrown around constantly in app marketing. Here's what actually matters:
AES-256 is the encryption standard used by the U.S. government, banks, and the military. It's not a marketing buzzword — it's math. A 256-bit encryption key has more possible combinations than there are atoms in the observable universe. No one is brute-forcing that. Not today, not in our lifetimes.
But here's the part most apps don't tell you: encryption only protects you if you hold the key. If the company holds your encryption key (which is how most cloud apps work), they can decrypt your data whenever they need to. That's not end-to-end encryption — it's a locked door where the landlord keeps a copy of the key.
Real encryption means the key lives on your device and nowhere else.
Why I Built Scrib
I'm Beeswax Pat — indie developer, U.S. Army veteran. I built Scrib because I couldn't find a notes app that met four simple requirements:
- Never connects to the internet. Not "optionally offline." There is no server. No sync feature. No cloud. The app doesn't have networking code in it.
- Encrypts everything automatically. Every note is AES-256 encrypted the moment it's saved — that's the base layer, always on. On top of that, you can toggle per-note encryption for your most sensitive notes as a second layer.
- Keeps the key on your device. The encryption key is generated on your phone and stored in the Android Keystore — a hardware-backed secure area that other apps can't access.
- No account required. No email. No phone number. No sign-up. Open the app and write.
On top of automatic encryption, you can set a PIN lock for the whole app and move your most sensitive notes into a Private Vault — a separate, hidden space that's only accessible with your PIN.
The Honest Comparison
I'm not going to pretend Scrib does everything Google Keep does. It doesn't. Here's a straight comparison:
| Feature | Google Keep | Scrib |
|---|---|---|
| Price | Free | Free |
| Cloud sync | Yes | No (by design) |
| Encryption | Google-managed keys | AES-256, key on your device |
| Account required | Google account | None |
| Internet required | For sync | Never |
| Data collected | Usage data, diagnostics | Zero |
| PIN lock | No | Yes |
| Private Vault | No | Yes |
| Collaboration | Yes | No |
| Web access | Yes | No |
| Platforms | Android, iOS, Web | Android |
If you need collaboration, web access, and cross-device sync — Keep is the better tool for that. No question.
If you want your notes encrypted on your device, with zero data collection, no cloud, no account, and nobody holding a copy of your encryption key — that's what Scrib is built for.
Different tools for different priorities.