sendnote.link
Blog
Back to blog
comparisons

sendnote.link vs PrivateBin: Privacy-Focused Note Sharing Compared

March 24, 20269 min read

Introduction

Privacy is no longer a niche concern. Whether you are sharing a password with a colleague, sending deployment credentials to a contractor, or passing along sensitive instructions, you want assurance that your content is not being harvested, indexed, or monetized. Two tools that take this concern seriously are sendnote.link and PrivateBin.

Both prioritize privacy over features, but they take fundamentally different approaches to achieving it. PrivateBin uses client-side encryption so that even the server operator cannot read your content. sendnote.link focuses on ephemerality, simplicity, and accessibility with burn-after-read notes and automatic expiration. In this comparison, we examine both tools in depth to help you choose the right one for your privacy needs.

Overview of Each Tool

PrivateBin

PrivateBin is an open-source, self-hosted paste tool that evolved from ZeroBin. Its core feature is client-side encryption: content is encrypted in your browser before it leaves your machine, and the decryption key is stored in the URL fragment (the part after the # symbol), which is never sent to the server. This means the server stores only ciphertext and, in theory, cannot read your content even if compromised.

PrivateBin is written in PHP and designed to be self-hosted. There are some public instances run by community volunteers, but the project explicitly recommends running your own instance for maximum trust. The interface is functional but dated, reflecting its origins as a security tool rather than a consumer product.

sendnote.link is a hosted note-sharing service built with Next.js and Supabase. It prioritizes privacy through architectural choices: no user accounts, no tracking, no cookies, no advertisements, and no analytics. Notes can be configured with burn-after-read to guarantee single-view access, and all notes have configurable expiration from one hour to thirty days. Content is rendered with full GitHub Flavored Markdown support and server-side syntax highlighting via Shiki.

Feature Comparison

| Feature | sendnote.link | PrivateBin | |---|---|---| | Client-side encryption | No | Yes (AES-256-GCM) | | Burn-after-read | Yes | Yes | | Expiration options | 1 hour, 1 day, 7 days, 30 days | 5 min to never (configurable by instance) | | Markdown rendering | Full GFM with live preview | Basic Markdown support | | Syntax highlighting | Shiki, server-side, dual themes | highlight.js, client-side | | Self-hosted option | Codebase available | Yes, primary deployment model | | Hosted service | Yes, ready to use | Community instances only; no official hosted version | | Account required | No | No | | Advertisements | None | None | | Password protection | Not currently | Yes | | File attachments | No | Yes (on some instances) | | Discussion/comments | No | Yes (optional) | | Mobile responsive | Fully responsive, modern UI | Basic responsiveness | | Setup required | None; visit and use | Requires server, PHP, and configuration | | Dark mode | Automatic, system-preference based | Depends on instance template | | Open source | Yes | Yes (AGPL-3.0) |

Detailed Breakdown

Encryption vs. Ephemerality

This is the fundamental philosophical difference between the two tools, and it deserves careful examination.

PrivateBin's client-side encryption means that content is encrypted in the browser using AES-256-GCM before it is sent to the server. The encryption key is placed in the URL fragment, which browsers do not include in HTTP requests. The server never sees the plaintext. This is a strong privacy guarantee that protects against server compromise, subpoenas directed at the hosting provider, and curious administrators.

sendnote.link takes a different approach: the content exists on the server, but its lifetime is strictly controlled. Burn-after-read notes are permanently deleted after a single view. All notes have a mandatory expiration date. There are no accounts or metadata trails linking notes to identities. The privacy model is based on minimizing what exists rather than encrypting what is stored.

Both approaches have merit. Client-side encryption protects data at rest. Ephemerality eliminates data entirely. The right choice depends on your threat model, which we discuss later in this post.

Ease of Use and Accessibility

This is where the two tools diverge most sharply. PrivateBin is fundamentally a self-hosted application. To use it with full trust, you need to provision a server, install PHP, configure a web server, deploy PrivateBin, and maintain the installation over time. Public instances exist, but using someone else's PrivateBin instance requires trusting that operator, which partially undermines the self-hosting security premise.

The PrivateBin interface itself is utilitarian. It gets the job done, but it was designed as a security tool rather than a polished consumer product. The text editor is basic, Markdown support is limited, and the overall design aesthetic has not changed significantly in years. For technical users this is fine, but sharing a PrivateBin link with a non-technical colleague can create confusion.

sendnote.link requires zero setup. You visit the site, write your note, configure your settings, and share the link. The editor is clean and intuitive. The viewer renders content with proper typography, syntax highlighting, and responsive layout. The experience is immediately understandable to anyone who can use a web browser, regardless of their technical background.

Markdown and Content Rendering

PrivateBin has added Markdown support over time, but the rendering is basic compared to dedicated Markdown tools. Some instances disable Markdown entirely. When enabled, the rendering covers standard Markdown but may not support GitHub Flavored Markdown extensions like tables, task lists, or strikethrough. Syntax highlighting in code blocks uses highlight.js on the client side.

sendnote.link renders full GitHub Flavored Markdown on the server. This includes tables, task lists, strikethrough, autolinked URLs, and fenced code blocks with language-specific syntax highlighting. The Shiki highlighter produces output that matches VS Code's tokenization accuracy, and the dual-theme system ensures code is readable in both light and dark modes without manual toggling. For sharing documentation, instructions, or any content that benefits from rich formatting, the rendering quality difference is substantial.

Burn-After-Read Implementation

Both tools support burn-after-read, but the implementations differ in important ways. PrivateBin's burn-after-read deletes the encrypted paste from the server after the first view. However, because the content is encrypted, the server is deleting ciphertext it could not read anyway. The burn-after-read feature in PrivateBin is more about reducing the attack surface (deleting ciphertext that could theoretically be decrypted if the URL were compromised) than about privacy from the server operator.

sendnote.link's burn-after-read deletes the plaintext content from the database after the first view. The note is gone. There is no ciphertext remaining, no key to compromise, and no data to subpoena. The simplicity of this approach is itself a security property: there are fewer moving parts that could fail.

Trust Model

PrivateBin's trust model is elegant in theory: you do not need to trust the server because the server never sees your plaintext. In practice, this trust model has nuances. You need to trust that the JavaScript served by the PrivateBin instance has not been tampered with. A compromised instance could serve modified JavaScript that exfiltrates the decryption key or the plaintext before encryption. Unless you are auditing the source code of every page load, you are implicitly trusting the instance operator to serve unmodified code.

sendnote.link's trust model is more straightforward: you trust the service to handle your data according to its stated policies. There is no encryption to provide a false sense of security if the server were compromised. The trade-off is transparency. The privacy guarantees come from what the service does not collect (accounts, tracking, analytics) and how aggressively it deletes data (burn-after-read, mandatory expiration).

Hosting and Maintenance

Running your own PrivateBin instance gives you maximum control but demands ongoing maintenance. PHP and dependency updates, security patches, SSL certificate management, server hardening, and monitoring all fall on your shoulders. For organizations with dedicated infrastructure teams, this is manageable. For individuals or small teams, it is overhead that competes with actual work.

sendnote.link is a hosted service. There is nothing to install, configure, or maintain. This is either a strength or a weakness depending on your perspective. If you need air-gapped or on-premise deployment, self-hosting is necessary and PrivateBin serves that need. If you want a tool that works immediately without operational burden, sendnote.link is the clear choice.

Use Cases for Each Tool

Choose PrivateBin When:

  • You have a specific threat model that requires client-side encryption
  • You need to self-host on infrastructure you fully control
  • You operate in a regulatory environment that mandates data sovereignty
  • You have the technical resources to deploy and maintain a PHP application
  • You need password-protected pastes or file attachments
  • You want privacy without operational complexity
  • You share content with non-technical recipients who need a polished reading experience
  • You need rich Markdown rendering for documentation, instructions, or formatted notes
  • You want burn-after-read with zero configuration
  • You value a fast, ad-free, account-free experience that works on every device
  • You do not have the resources or desire to self-host infrastructure

Verdict

PrivateBin and sendnote.link both take privacy seriously, but they serve different audiences and different threat models. PrivateBin is the right tool for users who need verifiable client-side encryption and are willing to accept the complexity of self-hosting and a utilitarian interface. It is a security tool first and a sharing tool second.

sendnote.link is the right tool for users who want strong privacy defaults, beautiful content rendering, and zero friction. It proves that privacy-focused tools do not need to be complicated or ugly. Burn-after-read notes, mandatory expiration, no accounts, and no tracking provide meaningful privacy for the vast majority of note-sharing scenarios.

For most people sharing text, code, and notes on the internet, sendnote.link delivers the better combination of privacy, usability, and polish. If your threat model specifically requires client-side encryption with self-hosted infrastructure, PrivateBin remains the specialist tool for that job. But if your goal is simply to share something privately and have it disappear when you want it to, sendnote.link is the easier and more enjoyable path to get there.

Ready to share a note?

Create and share notes instantly. No sign-up required.

Create a note