Writtt is a free, open source desktop text editor designed for privacy. It runs entirely on your computer with AES-256 encryption, zero cloud dependency, and no telemetry. Available for macOS, Windows, and Linux.

Is Writtt really free?

Yes. Writtt is 100% free and open source under the MIT License. There are no subscriptions, no premium tiers, and no feature gates.

How does Writtt encryption work?

Writtt uses AES-256-GCM symmetric encryption with PBKDF2 key derivation. Each vault document is individually encrypted with a unique salt derived from your password.

Does Writtt work offline?

Yes. Writtt is local-first by design and makes zero network calls at runtime.

Writtt integrates with Ollama for local AI assistance. All AI processing happens entirely on your own hardware — no data is sent to third-party servers.

Back to all posts

research encryption academia privacy

Why Your Unpublished Research Deserves Encryption

Marcelo MatzMar 1, 20267 min read

The gap between discovery and publication is where careers are made — and where stolen ideas can end them. Here's why pre-publication encryption isn't paranoia, it's professional responsibility.

The pre-publication vulnerability window

Every researcher knows the feeling: months or years of work condensed into a manuscript that isn't ready for the world yet. Grant proposals under review. Peer reviews you've written candidly. Experimental data that could reshape a field.

This window — between discovery and publication — is the most vulnerable period in academic work. And most researchers store this work on cloud services managed by universities or tech companies.

What cloud storage means for research

When your manuscript lives on a cloud service, several entities can access it:

Your institution

University-managed cloud accounts (Google Workspace, Microsoft 365) give IT administrators access to your files. That includes:

Your unpublished manuscripts and data
Your candid peer reviews of colleagues' work
Your preliminary findings before validation
Your grant proposals with novel methodologies

The cloud provider

The provider's terms of service govern your data. Recent trends in AI training have made this especially concerning — many cloud services now process user content to improve AI models. Your novel methodology could become training data before you publish.

Malicious actors

Cloud platforms are high-value targets. A single breach can expose millions of accounts simultaneously. For research with commercial potential, this creates industrial espionage risk.

Real-world cases

These aren't hypothetical scenarios:

2023: A major university's cloud migration exposed unpublished research data to administrative staff who weren't involved in the research
2022: AI companies acknowledged using publicly accessible cloud-stored documents for model training
Ongoing: Patent disputes where the question of "who discovered it first" hinges on document timestamps and access logs

The methodology theft problem

In competitive fields, methodology is as valuable as results. If your novel approach to data analysis, your unique experimental design, or your theoretical framework reaches competitors before publication, you lose first-mover advantage.

Cloud storage creates multiple exposure points:

The provider's content analysis for "features" (smart suggestions, search indexing)
AI training pipelines that process document content
Collaborative sharing features that may expose metadata
Institutional backup systems that replicate data beyond your control

What encryption actually protects

AES-256 encryption transforms your documents into data that is cryptographically indistinguishable from random noise. Without your password:

The content is unreadable — not just difficult, but mathematically infeasible to recover
The file reveals nothing about its content — no title, no keywords, no structure
Even with physical access to your device, encrypted files remain locked

This isn't security theater. AES-256 is the same encryption standard used by defense agencies for classified information.

The practical workflow

Encrypting pre-publication work doesn't have to be disruptive:

Active manuscripts: Write and edit freely. Encrypt when you're done for the day.
Finished peer reviews: Encrypt immediately after submitting through the journal's system.
Grant proposals: Keep encrypted until the submission deadline, then export for the portal.
Experimental data notes: Encrypt per-experiment for granular protection.

The key insight: you don't need to encrypt everything. Just the work that would damage your career or your field if it leaked early.

Beyond your own research

Consider what else you handle as a researcher:

Peer reviews where you've been candid about a colleague's work
Reference letters with honest assessments
Tenure committee notes about departmental politics
Student evaluations with sensitive observations

Each of these creates professional risk if exposed. Local encryption protects all of them.

The open source advantage

For researchers, verifiability matters. You wouldn't trust a black-box statistical method — why trust a black-box security tool?

Open source encryption allows:

Code audit: Verify the encryption implementation is correct
No hidden data collection: Confirm the tool doesn't phone home
Community review: Benefit from collective security expertise
Reproducibility: The security model is transparent and reproducible

Conclusion

Pre-publication encryption isn't about distrust — it's about respecting the value of intellectual work. The months or years between discovery and publication represent enormous investment. Protecting that investment with encryption is as rational as locking a lab.

Your research deserves the same security standard as classified information. Because in academia, unpublished ideas are classified.

Writtt is a free, open-source text editor with AES-256 encryption and zero cloud dependency. Download it here or explore it on GitHub.

Back to all posts

#research #encryption #academia #privacy