CryptPad: An Alternative to the Google Suite

We (a University, in India) are trying to get out of the Google ecosystem, and CryptPad is the greatest thing that has happened to us.<p>Google has been whittling the &#x27;Google for Education&#x27; now and the free version called &#x27;fundamentals&#x27; has been stripped of many things and we can see the future where the cost of using Google might be a significant impactful expenditure on our tight, already stretched to the limits budget.<p>Also, the word, &#x27;Crypt&#x27; is cool. Our teachers feel like Hackers.<p>Seriously - that was some of the great feedback we received.

I have been working on an essay about &#x27;Personal Digital Infrastructures,&#x27; a concept of infrastructure that seeks resilience and durability for personal data at a level we typically only see in banks or state institutions. In other words, an infrastructure that can protect your personal data in the face of disasters such as big tech account cancellations, fund blocking, imprisonment, bankruptcy, death, etc. The flagship instance of Cryptpad is the service that comes closest to this idea of infrastructure. The free plan gives you 1GB of storage for files, which is more than enough to store essential data for the continuity of businesses, families, communities, etc. E2E encryption plus zero trust in a free tier is something that should be valued and used to our advantage. Cryptpad is a very powerful resource and should be more appreciated.

Cryptpad is all right though it locks you into Cryptpad. If you want to extract your documents you have to use their UI to decrypt them. What I am looking for is a document interface that works with Syncthing. Let syncthing handle the syncing and encryption.

<a href="https:&#x2F;&#x2F;elpa.gnu.org&#x2F;packages&#x2F;crdt.html" rel="nofollow">https:&#x2F;&#x2F;elpa.gnu.org&#x2F;packages&#x2F;crdt.html</a><p>is much more fun and, obviously, vastly more powerful.

I think there are some issues with cryptpad, most significantly that documents which are shared via their share link (default way of sharing) will effectively be shared with Google, Apple, Microsoft, and so on. I think this is dangerous because some users may be under the impression that Cryptpad secures their documents from the prying of big tech&#x27;s eyes, but since it&#x27;s guaranteed that at least some document collaborators will be using those companies&#x27; browsers, and browser history is synced, the URLs (which contain the key to decrypt the document after the fragment) to any document which is shared with more than handful of cypherpunks will certainly end up shared with the main browser vendors<p>Additionally, they&#x27;ve failed to make some architectural and delivery decisions which would protect users from various attacks like a server compromise (for example, a server seized by an adversary may send malicious client code that conducts a document exfiltration), as well as document exfiltration via a malicious browser extension. Both of these can be mitigated somewhat by delivering the frontend as a desktop app or signed browser extension, and setting reasonable CSPs in the decryption modules. This is exactly the reason Signal doesn&#x27;t offer a web app.<p>Cryptpad <i>does</i> offer the ability to additionally encrypt documents with shared passwords, and this offers a fair modicum of greater protection against document interception. But this isn&#x27;t the default document mode, so I doubt most documents are password-protected in practice.<p>I did share all of the above with the Cryptpad team, and was told they don&#x27;t intend to address the above issues, so I&#x27;d recommend against putting to much faith in them for the time being.

Honestly my primary peeve with Cryptpad is the incredible load time... which is justified in scenarios of private documents, but completely unjustified in every single time someone shares a Cryptpad link with me which is certainly intended for public consumption.

I tried cryptpad and it was good, with the main issue being inviting new users is really complicated. Users needed to register and then send their own &quot;invite me&quot; link, because the system encrypted their email address, so you can only use the link to invite them. This turned out too complicated for normal people (ok for computer users)

I really appreciate that the team hasn&#x27;t rested on their laurels with just creating an encrypted cloud-based OnlyOffice wrapper and they&#x27;ve actively pushed I to the space of filling tool gaps. Their markdown files are a nice addition for a simple note that doesn&#x27;t need to be a full Document.

How does this compare with the French&#x2F;German <a href="https:&#x2F;&#x2F;github.com&#x2F;suitenumerique&#x2F;docs">https:&#x2F;&#x2F;github.com&#x2F;suitenumerique&#x2F;docs</a> ?

I use CryptPad all the time and it rocks!

yep i&#x27;ve played with cryptpad and honestly it&#x27;s wild how much comes down to people stubbornly sticking with the default tools - you think we ever get to a point where open options like this really catch on outside techy circles or will it always be a niche thing

There are other free instances available, for example cryptpad.digitalcourage.de is used by many people I know.<p>See cryptpad.org&#x2F;instances for a list.

Why is this dubbed as an alternative to Google suite and not Microsoft suite? They even used the Microsoft icons.

See also:<p><a href="https:&#x2F;&#x2F;etherpad.org" rel="nofollow">https:&#x2F;&#x2F;etherpad.org</a>

This looks awful, is it from the 90s?