Is it possible to purchase a license to run my own local sync server for DT?
The problem with all these cloud services is that a lot of them get hacked sooner or later, and I'm terrified of my projects and task lists getting stolen or even released publicly on the internet by hackers.
For example, the very popular and well-known service Evernote got hacked just the other week, leaking god knows how much valuable information of their 50 million(!) users, so please don't tell me it doesn't happen. Not to mention your account credentials just getting stolen somehow, and someone then logging into your Google or Toodledo account manually, without even hacking their servers.
Because of this, I'd think you'd have some REAL "killer features" on your hands if you just did one of these two things (or both):
1.
Make it possible for customers to run their own Due Today sync server under their own control. I would use it to sync changes between the Android client and the Windows client on my own LAN at the office, and to securely backup my DT data at the same time. Since you already have your own implementation of the sync server, it most likely wouldn't be too hard to "commercialize it", right? And remember, companies like to keep their data to themselves, and it's also the companies that are sitting on the big bucks...
2.
Implement encryption support for the Toodledo sync. This would be REALLY simple (I'm a programmer myself), simply let the user select a password in the clients (Android, Windows etc), and then when you sync with Toodledo, encrypt all task names and other text fields (notes etc) with a secure encryption algorithm (preferably AES) and base64-encode the result (which, as you most likely know, will result in alphanumeric text strings looking like "jtTH46ERSgrAywYSHYw67UIuUeY" etc), and then simply sync these encrypted text strings into Toodledo. It's still just text strings, so Toodledo wouldn't have any problems with it, BUT if someone hacks Toodledo or steals my credentials and logs directly into the web interface of Toodledo, they will just see the encrypted strings for all tasks (e.g. the "jtTH46ERSgrAywYSHYw67UIuUeY" string from my example here above). When the DT clients (Android, Windows etc) sync with the Toodledo account though, they will simply decrypt all the strings on the fly with the key given by the user (this would be VERY simple to insert at key points in the sync code), and will keep working just as before, as if nothing happened!
I know for a fact that there a LOTS of people out there that are sick and worried of sharing their personal and confidential information with "cloud service suppliers" like Google or Toodledo, but I cannot find a single GTD-app that supports any counter measures like this, so if you did this it would make you REALLY unique, which is of course the definition of a killer feature, and a great way to become popular (and thus also rich)!
So PLEASE consider these ideas seriously and let me know what you think!
And again, the second alterantive above, with the encryption, you could implement in a weekend of less, so it's a true win-win! (and of course it would only be optional, perhaps even hidden in some advanced settings, so "normal users" wouldn't be put off or confused by it at all!)
Thanks a lot for this great software, and now possibly making it THE best GTD software out there with these killer features!
