A few weeks ago I built a little web application to store notes, which encrypts your notes in the browser and stores them in the cloud (yeah, I hate that term). The idea was that even if the server was compromised, nobody could read the notes without a password.
From the server logs it looks like a few people at least are actively using it, even though there is a big warning saying it is for testing only. No idea for what of course, because even in the admin all I can see is a string of random characters.
I've jumped straight to version 1.0.0 with the latest release, since it has been running quite happily for quite some time with no issues. It's still 'use at your own risk', but it is such a simple application that there is so little to go wrong.
Deploying to Heroku
Then of course, you have to trust your own computer. If an attacker has installed a key-logger on your computer it can record your password, or your notes as you write them. Ultimately, if you are that paranoid, you might just want to keep your notes in your head.