(Archived) Firesheep

[sterlingz 7]

As many have no doubt heard, the Firefox extension Firesheep has been released into the wild, allowing "session hijacking for dummies." In a nutshell, this extension allows anyone running it on an open WiFi network (say, at Starbucks) to see and even take over another user's Facebook, Twitter, Foursquare and many other services' accounts on that same network. Unfortunately, Evernote is on this list*. For non-premium users, it is now a trivial matter to have your account hijacked by another user on an open network. My recommendation would be to never use a standard Evernote account on an open WiFi network.

But this brings up another point - I believe that secure access is really a standard feature, not a Premium one. I realize that Evernote has used SSL as a way to sell Premium accounts (it was a selling point for me). But I think the right thing to do is to protect all of your users from attack. There are many other Premium features. The threat of having your data compromised should not be a reason that you feel compelled to upgrade to Premium. That would be cynical.

In the words of Eric Butler, Firesheep's developer:

"Websites have a responsibility to protect the people who depend on their services. They've been ignoring this responsibility for too long, and it's time for everyone to demand a more secure web. My hope is that Firesheep will help the users win."

I certainly hope that users of Facebook, Twitter and the like do indeed win by forcing the adoption of SSL across all transactions on all of these platforms. Google had already done so with Gmail, preventing this vulnerability.

And my hope is that Evernote will do the right thing by all of its users, not just those of us who've elected to buy a Premium subscription.

*Incidentally - the inclusion of Dropbox on this list is not accurate. Dropbox staff have already confirmed that their cookies are encrypted, all transactions are over SSL, and this extension does not work. It would be great to receive a similar confirmation from Evernote staff that they have tested it and SSL is properly implemented for Premium users and they are protected against this extension.

[sterlingz 7]

Update - for users who want to protect themselves, there are a number of options:

On Firefox, the [urlhttps]NoScript extension will prevent the Firesheep script from running on your machine.

On Chrome, the "Use Https" extension will allow you to force https connections on various website; the extension options page allows you add a list of sites. You can add Evernote, but I'm not sure if standard users get full protection as Chrome puts up a warning that elements of the page are not secure.

[engberg 89]

Free users already use SSL with Evernote in all web browsers. (Try it...)

[BurgersNFries 2,407]

In a nutshell, this extension allows anyone running it on an open WiFi network (say, at Starbucks

I would say anyone using an open wifi network for anything other than simple web browsing is asking for trouble, anyway, unless you use something like Hotspot VPN in conjunction with the free wifi.

[sterlingz 7]

Dave - that's fantastic news! When did you make that change? I didn't realize you had implemented this because I am a Premium user, and remembered that the SSL connection was a selling point back when I signed up.

I would write to the authors of Firesheep immediately and demand that they take Evernote off the list of affected applications. It's bad press - got mentioned on Leo Laporte's Security Now podcast last week, Evernote was specifically mentioned as one of the affected apps.

Hate to have Evernote lumped in with all of the other sites when you have already taken steps to protect users!

[jbenson2 2,147]

Dave, your comment certainly caught me by surprise.

You should give your marketing folks a swift kick, because the Evernote web has the old info.

http://www.evernote.com/about/premium/

Go Premium

• Enhanced Security: While all users have excellent security, Premium accounts get an additional layer of protection with SSL encryption.

The comparison chart indicates the Security features

• Free: Standard
  Premium: SSL encyption

[BurgersNFries 2,407]

The difference may be whether you're using a browser to access your EN account (since this is about Firefox) vs using a desktop client, since Dave said "in all web browsers." (I don't know.)

[jbenson2 2,147]

BurgerNFries wrote:

The difference may be whether you're using a browser to access your EN account (since this is about Firefox) vs using a desktop client, since Dave said "in all web browsers." (I don't know.)

With the incredible danger of Firesheep being used by tens of thousands of newbies in Starbuck's all over the country (and all other wifi locations) plus the false but damaging comments in the media about Evernote, this issue needs a fast response team to be give us clear information on the status of Evernote SSL.

[BurgersNFries 2,407]

BurgerNFries wrote:

The difference may be whether you're using a browser to access your EN account (since this is about Firefox) vs using a desktop client, since Dave said "in all web browsers." (I don't know.)

With the incredible danger of Firesheep being used by tens of thousands of newbies in Starbuck's all over the country (and all other wifi locations) plus the false but damaging comments in the media about Evernote, this issue needs a fast response team to be give us clear information on the status of SSL.

I think what Dave is saying is that if you're using the web version with any browser (a Firefox loophole being the topic of this thread), info is sent using SSL (even for free accounts) & is ok. BUT...if you're using an EN desktop client (not a browser) and a free account, your notes are not sent using SSL, when sync'ing.

I'm sure he'll elaborate, though.

[BurgersNFries 2,407]

From another thread in the EN 3.5 section, dated 6/20/10:

"Only the note data may be transmitted over HTTP, and only for Free accounts."

[jbenson2 2,147]

Yes, the issue is whether the free account is protected just for the password or also the data.

In the past it was just the sign-on.

I also listened to the Security Now show and the Firesheep software is available to anyone. It is incredibly dangerous with anyone with data sniffing capability in any wifi location. They can easily see what site you are accessing and take over the account with just a double click. Let's say you are signed in on Facebook for instance, the bad guy sees what you see and can change your password. This needs the highest level response.

[BurgersNFries 2,407]

Like I said, I think it depends on whether you're using the web client or a desktop client. That seems to be confirmed by Dave's post in the 3.5 section (regarding the Win desktop client) as well as his post above in this thread, specifically addressing web browsers.

I'm really not sure why this is now such a concern (even regarding Twitter, Facebook, etc.) b/c it's always been a risk when using free wifi. It just may be a bit easier for the bad guys now or maybe it's become a hot topic b/c of a new loophole. But the threat has always been there. Hotspot VPN is one way of protecting yourself while using free wifi.

[jbenson2 2,147]

BurgerNFries wrote:

I'm really not sure why this is now a concern (even regarding Twitter, Facebook, etc.) b/c it's always been a risk when using free wifi. It just may be a bit easier for the bad guys now. But the threat has always been there.

The reason it is a huge issue now is because just a week ago ago Mozilla was informed of a new zero-day vulnerability, which we don't often see in Firefox. There's a mistake in Firefox's implementation of some aspects of JavaScript.

Here is a link to the full transcript which is devastating.

http://www.grc.com/sn/sn-272.pdf

Steve's opening comment: "This WILL change the world for the better." What he means is that companies will have to wake up and address the SSL issue immediately, not a couple months down the road.

"...anyone can run [Firesheep], and it shows you everyone who's using social networking sites, Web 2.0 stuff, in the same hotspot where you are, and allows you to hijack their session, logging on as them with a single click."

As I mentioned earlier, tens of thousands of newbies (not just professional bad guys) can get a copy of Firesheep.

[sterlingz 7]

As I mentioned earlier, tens of thousands of newbies (not just professional bad guys) can get a copy of Firesheep.

Try hundreds of thousands. 129,000 copies were downloaded in a single day last week, which is why I thought this was worth posting about. Yes, we all know unencrypted data can be intercepted by people with the know-how to do so. But this tool puts it in the hands of the multitudes, who don't even need to be very tech-savvy to use it.

Dave - as requested, some clarification would be great. Assuming all Evernote users are protected as you indicated, it would be great to have an unequivocal statement to that effect, as Dropbox provided. If this only applies to use of the web client, and standard users are vulnerable in the desktop client, we need to know that.

This would be worth a blog post.

[jbenson2 2,147]

This problem does not only happen at wifi spots like Starbucks. The bad guy can be driving down the street.

Some additional information pulled from the transcript:

In all these sites they switch you to SSL to log you in. But then they give your browser an unsecure cookie, take you back out of SSL just because they can. They don't have to, but they do. That cookie is the way your session is authenticated. That is the only way you're identified.

So anybody sniffing your unencrypted traffic, which all traffic is at an open WiFi hotspot, is able to pick up that cookie which is sent with every request your browser makes. Your entire session state is that cookie.

All a third party has to do is use that cookie, and they are indistinguishable from you at that location. And even your IPs are the same because you're all being NAT'd through a single IP out onto the Internet. So you look just like the person sitting next to you at Starbucks.

The thing that Starbucks could do to fix this immediately, I mean, and it would be wonderful if they did, is simply to bring up WPA encryption with the password "Starbucks." It doesn't have to be unknown.

WPA provides inter-client isolation. So you can tell everybody the password, including somebody running Firesheep, doesn't matter. And the problem is solved, completely solved, period.

[engberg 89]

Our Windows client has used SSL for all connections for a long time (due to technical hassles with Windows Internet connections). We modified the web site to use HTTPS last Wednesday night.

Other clients may still use plain HTTP until their next full release, so we aren't going to bother announcing any changes until we're sure that Free users will use HTTPS across our entire product line. For example, the Mac release (version 2.0) should be in beta soon, but won't be fully released until we're happy with the beta testing and stability.

Thanks

[engberg 89]

In all these sites they switch you to SSL to log you in. But then they give your browser an unsecure cookie, take you back out of SSL just because they can. They don't have to, but they do.

To be fair, it costs more for a service to handle traffic over SSL versus plain HTTP. Free services like those always need to balance their costs to deliver service against how much revenue they can pick up from things like advertising. Free services with high costs and little revenue tend not to stay around very long.

We now believe that we can afford the costs of offering HTTPS for all of our Free users based on the revenue we can make from those who later upgrade to Premium to support the service. (Thanks!)

[BurgersNFries 2,407]

This problem does not only happen at wifi spots like Starbucks. The bad guy can be driving down the street.

Absolutely. Or the bad guy could be the open wifi you piggyback on (IE your neighbor) just because you can. Or, (s)he could be the good looking gal/guy sitting next to you at the library. Again, nothing new here. This is kind of like someone getting excited b/c they finally realized if they leave their credit card on the table, someone can use it. Yes, Firesheep may make it slightly easier for people to hack your account. But the original problem is the same as it's been for many years. From what I've read, it seems Firesheep's intention is to simply get "in your face" about the problem, since so many people have either ignored the issue & hoped for the best or are simply not informed about the risk. Sounds like that's a good thing, IMO.

[jbenson2 2,147]

BurgerNFries wrote:

Firesheep may make it slightly easier for people to hack your account. But the original problem is the same as it's been for many years.

No, no, no. It is not just slightly easier, it is incredibly easier.

BurgerNFries wrote:

From what I've read, it seems Firesheep's intention is to simply get "in your face" about the problem, since so many people have either ignored the issue & hoped for the best or are simply not informed about the risk. Sounds like that's a good thing,

Yes, it is a good thing because wifi hotspots will have to tighten their security. And companies like Everynote will have to switch to 100% SSL, not just for the Premium users.

[BurgersNFries 2,407]

Yes, it is a good thing because wifi hotspots will have to tighten their security. And companies like Everynote will have to switch to 100% SSL, not just for the Premium users.

It's not always up to the companies. As Dave said, there are costs associated with that. People need to take on their own responsibility, too. IF you're going to use free wifi for something other than web browsing, get something like Hotspot VPN. OR, don't use free wifi & use a secure connection with your ISP or cell phone provider.

[jbenson2 2,147]

The cost issue is a red herring. Expecting users to download and install a VPN... well, it's just not going to happen.

Read this blog for a quick summary of the problem.

http://steve.grc.com/2010/10/28/why-fir ... -has-come/

"The bigger change that must also be made is for all vendors of web services to switch their connections over to using the SSL/TLS protocol exclusively. Only inertia and laziness has prevented this from being done long ago."

and...

"The belief that switching to using pure SSL/TLS is any burden was obsoleted years ago with the addition of SSL/TLS Session Resume. Session Resume allows a particular client and server to perform the high-overhead public key negotiation just once (which they always need to do during the secure SSL/TLS logon anyway) and to then reuse those negotiated credentials for all future SSL/TLS connections being made.

Since the credential reuse duration is typically 24 hours, very little additional burden is placed upon either the client or the server as a consequence of using SSL/TLS pervasively across a web site."

[BurgersNFries 2,407]

The cost issue is a red herring.

Ok, I'll assume that's right for now. I still much prefer to cover my own [self] by making sure I use a secure connection rather than rely on the multitude of websites I use. IMO, there's just too much at risk. When out & about, I normally tether my netbook to my iPhone & get internet access that way. Since my iPhone & netbook are not set up as hotspots, no one should be able to get onto my connection.

If I use free wifi, I use a VPN connection on top of that to keep my work secure.

[jbenson2 2,147]

BurgerNFries wrote:

If I use free wifi, I use a VPN connection on top of that to keep my work secure.

Of course, you are an exception - I'm sure you agree that the majority of folks at Starbucks and other wifi hotspots, including hotels and even McDonald's have very little idea about VPN installation.

Yes, it’s ALWAYS been possible to hack an account at a wifi hotspot … but it’s never been made so easy! I just checked and over a half million downloads of Firesheep have been logged.

And not everyone needs SSL. It’s only important in situations where logon credentials are being provided in page-request headers.

[sterlingz 7]

We modified the web site to use HTTPS last Wednesday night.

Thank you for taking such swift action.

Other clients may still use plain HTTP until their next full release, so we aren't going to bother announcing any changes until we're sure that Free users will use HTTPS across our entire product line. For example, the Mac release (version 2.0) should be in beta soon, but won't be fully released until we're happy with the beta testing and stability.

Just to clarify - Mac Premium users still have their traffic encrypted from the desktop client, correct? We don't need to wait until 2.0 for that.

[jbenson2 2,147]

Sterlingz - thanks for point out Dave's comment. I did not see it during my research on this issue.

Free and Premium Windows users are fully protected. Others may or may not. I now understand why the website is written the way it is. I retract my request to give them a swift kick.

[engberg 89]

Just to clarify - Mac Premium users still have their traffic encrypted from the desktop client, correct? We don't need to wait until 2.0 for that.

Premium users on every Evernote have always used SSL for all communications with Evernote. If you're paying us, you're fully protected.

Free users have always used SSL for authentication ... i.e. your Username and Password has always been protected via SSL on every platform.

Free users on some platforms may use HTTP for other communications after the authentication is complete. We're changing this in the next major release of each client to use HTTPS for all communications, even for Free users.

[baumgarr 17]

Can 3rd parties using the API using HTTPS for non-premium accounts then?

[engberg 89]

Can 3rd parties using the API using HTTPS for non-premium accounts then?

Absolutely. Seth is planning to start encouraging third party developers to do so once he updates the sample code in the API package.

[jfwarrior 6]

Can 3rd parties using the API using HTTPS for non-premium accounts then?

I'm quite curious about 3rd parties using the Evernote API - So far I haven't encountered any other application that uses Evernote besides the official Evernote applications.

[baumgarr 17]

Some of the integration programs in the Trunk use the API and some other open source projects are listed at http://www.evernote.com/about/developer/projects.php.

[jehrler 0]

Just to clarify - Mac Premium users still have their traffic encrypted from the desktop client, correct? We don't need to wait until 2.0 for that.

Premium users on every Evernote have always used SSL for all communications with Evernote. If you're paying us, you're fully protected.

Free users have always used SSL for authentication ... i.e. your Username and Password has always been protected via SSL on every platform.

Free users on some platforms may use HTTP for other communications after the authentication is complete. We're changing this in the next major release of each client to use HTTPS for all communications, even for Free users.

Just a followup that the other reason the cost argument is a red herring, in addition to Session Resume mentioned by jbenson2, is that Evernote is already incurring the big CPU hit when they go to using SSL for authentication, which they do for all customers.

To use SSL the client and server use Public/Private Key asymmetric encryption to agree on a symmetric encryption key. This Public/Private asymmetric encryption is very cpu intensive. But, once the symmetric key is agreed on, the Public/Private Key asymmetric encryption is no longer used. The client and server exchange the username and password securely via symmetric encryption and, in addition, they can continue for the rest of the time in this symmetric key encrypted mode with very low additional cpu cost. Hence why the Windows client already has this built in.

It is like trying to move your stuff into a house in the dark. The hardest part is getting the key in the keyhole and opening the door. But, once that is done and you leave the door open (Session Resume), you can walk in and out with your stuff with ease. And, by using SSL for everybody's authentication, Evernote is already pulling out the key and unlocking the door. It is not really a burden to just leave the door open by continuing in https, rather than closing the door by switching to http.

I am actually quite surprised that, as a new user of Evernote, they did not make SSL and SSL cookies an integral part of their service. They encourage people to take browser screen shots and one common use would be for online order receipts. For post order confirmations the credit card data would be obscured, but I bet a not small number of customers take shots of the order *before* sending it to prove what, exactly, they were looking at when they agreed to order something. This, of course, would mean transferring their credit card numbers to Evernote and allowing anyone who hijacks their account (via Firesheep or similar attacks at an open wifi spot) to harvest them. Yikes!!

I know I am stopping use of the Mac client until such basic security essentials are in place.

[BurgersNFries 2,407]

but I bet a not small number of customers take shots of the order *before* sending it to prove what, exactly, they were looking at when they agreed to order something. This, of course, would mean transferring their credit card numbers to Evernote and allowing anyone who hijacks their account (via Firesheep or similar attacks at an open wifi spot) to harvest them. Yikes!!

It has always been recommended to not store sensitive information in Evernote without it being encrypted.

[jbenson2 2,147]

BurgerNFries wrrote:

It has always been recommended to not store sensitive information in Evernote without it being encrypted.

On one of the Evernote podcasts, the Marketing Director of Evernote said he stores his Federal Tax returns in Evernote. He did not mention encryption.

[BurgersNFries 2,407]

On one of the Evernote podcasts, the Marketing Director of Evernote said he stores his Federal Tax returns in Evernote. He did not mention encryption.

Maybe he's got Lifelock. Why no state returns? :shock:

We've also got Lifelock but I still don't keep any sensitive info in EN for a few reasons. Mostly b/c I've been going paperless long enough that I have over 8 gb of bank/credit card/investment statements along with various other stuff like tax returns. Another reason is I don't want to have to encrypt everything when saving & decrypt to view it. Just a whole lot easier (IMO) to keep the docs on a Truecrypted drive.

[heather 604]

I store my "sensitive" information (Passport scans, titles, tax info) in Evernote unencrypted as well.

It's a matter of personal preference/comfort level.

[deverill 54]

Why no state returns? :shock:

Could be Andrew lives in a state with no income tax like here in Florida.

I store sensitive stuff in EN but I never access it from an unknown network, either here at work on a dedicated DSL or at home on my locked down network. Risky but I agree with Heather that it's a comfort level thing - where is your balance between iron-clad security, risk and usability. Iron-clad is hard to use so I take calculated risks based on my situation and how useful the info is to anyone who gets it.

[evermullah 8]

I store my "sensitive" information (Passport scans, titles, tax info) in Evernote unencrypted as well.

It's a matter of personal preference/comfort level.

i store some sensitive information (like my identification card or some other things, i might need, if my wallet disappears somehow) in a local notebook which i import to other desktop-clients to have them available.

(its not possible to import them on mobile devices, which would be usefull too, but thats the way it is (now). security comes with a drawback.)

and i'm too lazy to encrypt online notes and remember that password too.

[evermullah 8]

If you have a premium account then all your data is transmitted over SSL. Everything else related to encryption is the same as a free account.

sorry to bring this up again, but does this and that say:

windows- and mac desktop clients *now* (todays date) use SSL for authentification

*and* for transmitting the data (notes/notebooks/tags, etc) from that client to the EN-servers also via SSL?

i'm not talking about the WebService via browser, as i really rarely use this service.

and what about the iphone app? in what way does it use SSL?

https://www.evernote.com/about/intl/en/premium/ is very cursorily.

cheers,

[jbenson2 2,147]

The Evernote folks can offer more detail on the mobile versions.

Regarding the https link you mentioned, I don't know why it is there.

It does not require a password to access it.

https://www.evernote.com/about/intl/en/premium/

I found these two other almost identical pages without https.

http://www.evernote.com/about/intl/en/premium/

http://www.evernote.com/about/premium/

By the way, there have been more than 1 million downloads of Firesheep.

[engberg 89]

We now use SSL for all communications from web browsers and from our major clients (Windows, Mac, iOS, Android, Blackberry). I.e. any client that has been released in the last 3-4 months now uses SSL for everyone. Really old ones (e.g. Windows Mobile) haven't yet been updated, so they'll use SSL for Premium accounts only.

[evermullah 8]

We now use SSL for all communications from web browsers and from our major clients (Windows, Mac, iOS, Android, Blackberry).

by "all communications" you mean SSL for authentification *AND* data-transmitting?

[engberg 89]

Yes, *all* communications.

[CLCDAN 0]

In a nutshell, this extension allows anyone running it on an open WiFi network (say, at Starbucks

I would say anyone using an open wifi network for anything other than simple web browsing is asking for trouble, anyway, unless you use something like Hotspot VPN in conjunction with the free wifi.

No one should be saying that at all. What we should be sayting to anyone maintaining an Open Wifi Network is, "Please turn on WPA2 encryption ASAP".

[CLCDAN 0]

Just to clarify - Mac Premium users still have their traffic encrypted from the desktop client, correct? We don't need to wait until 2.0 for that.

Premium users on every Evernote have always used SSL for all communications with Evernote. If you're paying us, you're fully protected.

Free users have always used SSL for authentication ... i.e. your Username and Password has always been protected via SSL on every platform.

Free users on some platforms may use HTTP for other communications after the authentication is complete. We're changing this in the next major release of each client to use HTTPS for all communications, even for Free users.

Good. As it should have been from the beginiing.

[CLCDAN 0]

Can 3rd parties using the API using HTTPS for non-premium accounts then?

Absolutely. Seth is planning to start encouraging third party developers to do so once he updates the sample code in the API package.

API support should only force - never just encourage - 3rd parties to adhere, anything else is a waste of time and our money as premium users. Twitter isn't being nice about it, and neither should Evernote. Although, there are other things Tiwtter is "doing" to 3rd parties which I do not agree with, save this obvious exception.

More importantly, this forum is not SSL. Why not? Answer: Of course, it should be. The question was rhetorical.

[CLCDAN 0]

On one of the Evernote podcasts, the Marketing Director of Evernote said he stores his Federal Tax returns in Evernote. He did not mention encryption.

Maybe he's got Lifelock. Why no state returns? :shock: ......Another reason is I don't want to have to encrypt everything when saving & decrypt to view it. Just a whole lot easier (IMO) to keep the docs on a Truecrypted drive.

I don't get it. Evernote Premium Does encrypt all our data, in transit, on local, and on server. And it's automatic. How is that automatic nature at all different than what Truecrypt must do in the background. There is NO difference. And following (with the exception of this forum) that SSL will be site wide even for Free users, your point has no point. Did I miss anything?

[CLCDAN 0]

Why no state returns? :shock:

Could be Andrew lives in a state with no income tax like here in Florida.

I store sensitive stuff in EN but I never access it from an unknown network, either here at work on a dedicated DSL or at home on my locked down network. Risky but I agree with Heather that it's a comfort level thing - where is your balance between iron-clad security, risk and usability. Iron-clad is hard to use so I take calculated risks based on my situation and how useful the info is to anyone who gets it.

Making a site SSL throughout is, today, still essentially iron-clad.

[BurgersNFries 2,407]

No one should be saying that at all. What we should be sayting to anyone maintaining an Open Wifi Network is, "Please turn on WPA2 encryption ASAP".

As I understand it, WPA2 encryption doesn't help if the guy sitting next to you at the coffee shop, using the same free Wifi you are, is the one doing the packet sniffing.

[BurgersNFries 2,407]

I don't get it. Evernote Premium Does encrypt all our data, in transit, on local, and on server. And it's automatic. How is that automatic nature at all different than what Truecrypt must do in the background. There is NO difference. And following (with the exception of this forum) that SSL will be site wide even for Free users, your point has no point. Did I miss anything?

Your data is NOT encrypted on the EN servers. (Unless you've manually used their feature to encrypt text.)

Truecrypt works on my hard drive. If someone walks away with my computer, they'd need the password to get into my hard drive. Using TC has nothing to do with my data on the EN servers. I don't store sensitive data on the EN servers in the rare event their servers get hacked. There are two issues here.

[CLCDAN 0]

Dave - that's fantastic news! When did you make that change? I didn't realize you had implemented this because I am a Premium user, and remembered that the SSL connection was a selling point back when I signed up.

I would write to the authors of Firesheep immediately and demand that they take Evernote off the list of affected applications. It's bad press - got mentioned on Leo Laporte's Security Now podcast last week, Evernote was specifically mentioned as one of the affected apps.

Hate to have Evernote lumped in with all of the other sites when you have already taken steps to protect users!

Of course, you meant to say Steve Gibson's Security Now Podcast, that is presented along with guest, Leo Laporte, on the TWiT Network, of which Leo Laporte happens to own. Security Now is clearly not Leo Laporte's Netcast.

And , this forum, part of Evernote, is not SSL. Yet. And it should be. If you want Evernote off the list, that will be the ONLY way. I can personally pretty much guarantee that.

[CLCDAN 0]

Dave, your comment certainly caught me by surprise.

You should give your marketing folks a swift kick, because the Evernote web has the old info.

http://www.evernote.com/about/premium/

Go Premium

• Enhanced Security: While all users have excellent security, Premium accounts get an additional layer of protection with SSL encryption.

The comparison chart indicates the Security features

• Free: Standard
  Premium: SSL encyption

This page should not exist at all: http://www.evernote.com/Registration.action

SSL is NOT provided throughout the site. ALL site pages are available via http, and they should not. You want off the list? Complete your task.

[CLCDAN 0]

BurgerNFries wrote:

The difference may be whether you're using a browser to access your EN account (since this is about Firefox) vs using a desktop client, since Dave said "in all web browsers." (I don't know.)

With the incredible danger of Firesheep being used by tens of thousands of newbies in Starbuck's all over the country (and all other wifi locations) plus the false but damaging comments in the media about Evernote, this issue needs a fast response team to be give us clear information on the status of Evernote SSL.

Y'all need to understand something here: Firefox is the browser the Firesheep USER needs, ALL other browsers have nothing to do with the USER or the VICTIM at all! The browser with which you access Evernote, Evernote's website, or this forum do not matter. All modern browsers can interpret https v1.1, and all will continue to do so. What matters is WPA2 encryption on ALL open wifi hotspots AND https (SSL) on all pages of all sites of this nature.

[CLCDAN 0]

Yes, the issue is whether the free account is protected just for the password or also the data.

In the past it was just the sign-on.

I also listened to the Security Now show and the Firesheep software is available to anyone. It is incredibly dangerous with anyone with data sniffing capability in any wifi location. They can easily see what site you are accessing and take over the account with just a double click. Let's say you are signed in on Facebook for instance, the bad guy sees what you see and can change your password. This needs the highest level response.

You need to re-listen to that netcast. But, you're not too far off. over 1.3 million users have downloaded Firesheep as of today, folks, so listen up: Your iAnything, Blackberry, Android device is NOT secure using Evernote at this time, no SSL is implemented. However, there is encryption and decryption going on for Premium users, of the actual notes. NOT the same encryption as is provided with SSL.

Firesheep already has data-sniffing capabilities built in! The machine Firesheep is used on must be able to read sockets. Macs do this natively, PCs need a 3rd party software to allow socket reading.

Just a side note: Facebook was never vulnerable to someone else changing your password, as you from day one always needed to be able to input your CURRENT facebook password to effect that change. So that was never an issue. The issue is that a culprit can change, add or delete your pictures, wall postings, game memberships, CANCEL API access. Those are the main dangers. Foursquare, was MUCH easier to gank. All anyone need do (using Foresheep) was to add a secondary email, or just change your current email with no verification from Foursquare at all, and then use that to reset your password and boom. Done.

[CLCDAN 0]

Like I said, I think it depends on whether you're using the web client or a desktop client. That seems to be confirmed by Dave's post in the 3.5 section (regarding the Win desktop client) as well as his post above in this thread, specifically addressing web browsers.

I'm really not sure why this is now such a concern (even regarding Twitter, Facebook, etc.) b/c it's always been a risk when using free wifi. It just may be a bit easier for the bad guys now or maybe it's become a hot topic b/c of a new loophole. But the threat has always been there. Hotspot VPN is one way of protecting yourself while using free wifi.

A VPN is unfortunately vulnerable to Man-in-the-middle attacks, but those generally still require the use of 2 computers - one running Linux and packet sniffing software, and a PC or Mac or another Linux-driven computer alongside for testing and confirmation that what you are doing is actually working.

Panera Bread is a bad choice of free wifi, because they force you to turn on javascript and initially go through their web portal. Now, Panera Bread's 3rd party "eyes" can see EVERYTHING you do. Unless you use a proxy service. But, a VPN alone? Bad idea. At least the worst idea at a Panera Bread.

ATT&T at Barnes & Nonble? Same problem there. McDonald's? Not a problem, they are WPA2 now, and still open. Password? I don't know. I think it comes with the receipt?

The risk , although partially open NON_ENCRYPTED wifi, the real risk is of course the non-use of site-wide SSL. And Firesheep doesnt only make it easier for the "bad guys" it makes it easy AT ALL for ANYONE to gank accounts. Also, Firesheep DOES NOT PRESENT A LOOPHOLE IN FIREFOX. Get that straight.

[CLCDAN 0]

BurgerNFries wrote:

I'm really not sure why this is now a concern (even regarding Twitter, Facebook, etc.) b/c it's always been a risk when using free wifi. It just may be a bit easier for the bad guys now. But the threat has always been there.

The reason it is a huge issue now is because just a week ago ago Mozilla was informed of a new zero-day vulnerability, which we don't often see in Firefox. There's a mistake in Firefox's implementation of some aspects of JavaScript.

Here is a link to the full transcript which is devastating.

http://www.grc.com/sn/sn-272.pdf

Steve's opening comment: "This WILL change the world for the better." What he means is that companies will have to wake up and address the SSL issue immediately, not a couple months down the road.

"...anyone can run [Firesheep], and it shows you everyone who's using social networking sites, Web 2.0 stuff, in the same hotspot where you are, and allows you to hijack their session, logging on as them with a single click."

As I mentioned earlier, tens of thousands of newbies (not just professional bad guys) can get a copy of Firesheep.

They are only related in that Firesheep uses Javascripting. The fact that Firefox has fixed THAT loophole, actually makes running Firefox less vulnerable to ITS OWN ERRORS.

Firefox's implantation of Javascript has ABSOLUTLEY NOTHING TO DO WITH ZERO DAY NOR FIRESHEEP USAGE AT ALL.

[CLCDAN 0]

As I mentioned earlier, tens of thousands of newbies (not just professional bad guys) can get a copy of Firesheep.

Try hundreds of thousands. 129,000 copies were downloaded in a single day last week, which is why I thought this was worth posting about. Yes, we all know unencrypted data can be intercepted by people with the know-how to do so. But this tool puts it in the hands of the multitudes, who don't even need to be very tech-savvy to use it.

Dave - as requested, some clarification would be great. Assuming all Evernote users are protected as you indicated, it would be great to have an unequivocal statement to that effect, as Dropbox provided. If this only applies to use of the web client, and standard users are vulnerable in the desktop client, we need to know that.

This would be worth a blog post.

Dropbox? Nice. But, even dropbox has its vulnerabilites. DO NOT USE dropbox on a coffeshop or school or library machine. Why not? Because, the My Dropbox folder stays on those machines, even AFTER YOU LOGOUT of Dropbox, even from the local client (assuming any library would allow installation of it, which is doubtful, but a school? Entirely possinble that satff and faculty would be allowed to install dropbox client).

That's bad. Obviously off-topic to Firesheep, but on-topic regarding encryption worthiness. Dropbox data stored in My Dropbox folders is NOT LOCALLY ENCRYPTED.

[CLCDAN 0]

In all these sites they switch you to SSL to log you in. But then they give your browser an unsecure cookie, take you back out of SSL just because they can. They don't have to, but they do.

To be fair, it costs more for a service to handle traffic over SSL versus plain HTTP. Free services like those always need to balance their costs to deliver service against how much revenue they can pick up from things like advertising. Free services with high costs and little revenue tend not to stay around very long.

We now believe that we can afford the costs of offering HTTPS for all of our Free users based on the revenue we can make from those who later upgrade to Premium to support the service. (Thanks!)

Maybe 12 years ago. Your costs of switching to SSL are next to nothing.

"Google has provided HTTPS access from a long time on Gmail now. However, the latest decision to add SSL on other services in future and providing a separate encrypted page maintains the mojo Google is enjoying with the head-start this year.

HTTPS is a SSL encrypted HTTP which provides security. However we have not seen it appear on mainstream websites yet. SSL security has been an issue for too long. Most websites do not provide it because it is expected to be something of a high standard and is believed to require powerful servers. On the contrary, the truth is that HTTPS is not at all as resource intensive on the server as it is believed to be.

A Chrome Engineer at Google, Adam Langley writes at the Imperial Violet stating,

all of our users use HTTPS to secure their email between their browsers and Google, all the time. In order to do this we had to deploy no additional machines and no special hardware. On our production frontend machines, SSL/TLS accounts for less than 1% of the CPU load, less than 10KB of memory per connection and less than 2% of network overhead. Many people believe that SSL takes a lot of CPU time and we hope the above numbers (public for the first time) will help to dispel that.

However, the downside with SSL is that it includes a considerable latency in connection. This research reveals that there is a latency of 3.5x on SSL handshakes, the method of initializing a connection to server. Basically, using SSL connections slows down connection establishment to a server. So did Google just compromise speed for security? Definitely not.

Google is using several mechanisms to reduce this latency. See this excerpt from the post at Langley’s blog.

OpenSSL tends to allocate about 50KB of memory for each connection. We have patched OpenSSL to reduce this to about 5KB.

Moreover Google also caches most HTTPS requests which allows it to serve them faster in subsequent queries. Google claims that this resume behavior takes place 50% of the time. SSL has been optimized at its best at Google.

These facts prove that SSL is not as resource intensive as it is blamed to be. The fact of it being more expensive is just a commercial aspect and a business policy."

from http://techie-buzz.com/tech-news/google ... -cost.html

[CLCDAN 0]

This problem does not only happen at wifi spots like Starbucks. The bad guy can be driving down the street.

Absolutely. Or the bad guy could be the open wifi you piggyback on (IE your neighbor) just because you can. Or, (s)he could be the good looking gal/guy sitting next to you at the library. Again, nothing new here. This is kind of like someone getting excited b/c they finally realized if they leave their credit card on the table, someone can use it. Yes, Firesheep may make it slightly easier for people to hack your account. But the original problem is the same as it's been for many years. From what I've read, it seems Firesheep's intention is to simply get "in your face" about the problem, since so many people have either ignored the issue & hoped for the best or are simply not informed about the risk. Sounds like that's a good thing, IMO.

No. Firesheep is WAY easier to use than the old method of two computers, one running linux with packet-sniffing software, the other for confirmation and is INTENDED for NON-hackers. Think about it, I will be way more suspicious of someone on our coffeeshop using TWO laptops than someone with ONE and a smartphone beside them.

[CLCDAN 0]

No one should be saying that at all. What we should be sayting to anyone maintaining an Open Wifi Network is, "Please turn on WPA2 encryption ASAP".

As I understand it, WPA2 encryption doesn't help if the guy sitting next to you at the coffee shop, using the same free Wifi you are, is the one doing the packet sniffing.

Not getting personal here: You don't understand that correctly. If you check Steve Gibson's Security Now netcast, and the transcription mentioined here a lot, Client Isolation absolutely guarantees no interplay between users on that open wifi. just none. Doesnt matter whether Everyone is using Firesheep, it will only show you YOUR logged in Social networks! Not others'. That's impossible, as WPA2 has not been cracked. Yet. But, then we have coming MS WPA2.

[engberg 89]

Maybe 12 years ago. Your costs of switching to SSL are next to nothing.

I don't think you have a very good grasp what it takes to handle hundreds of millions of HTTP requests per day like Evernote does. Enabling SSL for all data for Free users overloaded the load balancers we purchased 3 years ago (for tens of thousands of dollars) with newer, specialized accelerators from A10 for additional tens of thousands of dollars. OpenSSL on general-purpose commodity hardware is a terribly inefficient way to scale to the sorts of volume that Evernote handles.

So the switching costs were fairly significant, but we were willing to pay those costs to ensure data security even for people who have never paid us any money to cover those costs. We felt that paying this cost for our Free users would pay off in the long run from our loyal users who can trust their data with Evernote.

Thanks for the feedback about adding SSL to other ancillary web hosts in the *.evernote.com domain (like forum.evernote.com). Since none of your own data is stored within this independent PhpBB3 server, and the password database has no connection, we hadn't rushed into paying for SSL certs and whatnot for this, but I appreciate the feedback.

[CLCDAN 0]

I don't get it. Evernote Premium Does encrypt all our data, in transit, on local, and on server. And it's automatic. How is that automatic nature at all different than what Truecrypt must do in the background. There is NO difference. And following (with the exception of this forum) that SSL will be site wide even for Free users, your point has no point. Did I miss anything?

Your data is NOT encrypted on the EN servers. (Unless you've manually used their feature to encrypt text.)

Truecrypt works on my hard drive. If someone walks away with my computer, they'd need the password to get into my hard drive. Using TC has nothing to do with my data on the EN servers. I don't store sensitive data on the EN servers in the rare event their servers get hacked. There are two issues here.

Well, since you use Truecrypt on the drive, all of your data on that drive is encrypted. But, I had to assume a few things for discussion as we were talking about the assumption of all sites moving to SSL, Evernote on that "list". Eventually all sites. Anyone being concerned with encryption and that also has a Premium account, would certainly be taking advantage of encryption, and so one would need to assume that those with encryption of the Evernote notes would have to be using it. The encryption is automatic in the client when you give it a sync password. The encryption is done on-the-fly for Premium users. For data stored locally. But, just checking, I am wrong about that, then I was misled by Evernote hype and am now unhappy with my decision of chosing Evernote. Your Data on the EN servers are ALWAYS encrypted when using a Premium account. That hasnt changed for PC Premium users. Ya, they can be hacked I suppose (broken into and data taken or copied), but with encryption applied? Should be about as difficult to unencrypt as Truecrypt or Lastpass, if strong encryption is used on EN servers, and I believe it is.

To the other thing, I was (and I thought everyone else here) was mainly talking about SSL. Which would and could only be for Websites. SSL for the data encryption or encrypting during data transit? SSL on the pages would indeed be minimal cost. But, what your tallking about is client-to-server and server-to-client, right? I can see that is different, but again, I thought I was mainly referring to website SSL, but encryption product-clientside, I don';t know and didn;t know, and thankyou for clarifying.

[CLCDAN 0]

Maybe 12 years ago. Your costs of switching to SSL are next to nothing.

I don't think you have a very good grasp what it takes to handle hundreds of millions of HTTP requests per day like Evernote does. Enabling SSL for all data for Free users overloaded the load balancers we purchased 3 years ago (for tens of thousands of dollars) with newer, specialized accelerators from A10 for additional tens of thousands of dollars. OpenSSL on general-purpose commodity hardware is a terribly inefficient way to scale to the sorts of volume that Evernote handles.

So the switching costs were fairly significant, but we were willing to pay those costs to ensure data security even for people who have never paid us any money to cover those costs. We felt that paying this cost for our Free users would pay off in the long run from our loyal users who can trust their data with Evernote.

Thanks for the feedback about adding SSL to other ancillary web hosts in the *.evernote.com domain (like forum.evernote.com). Since none of your own data is stored within this independent PhpBB3 server, and the password database has no connection, we hadn't rushed into paying for SSL certs and whatnot for this, but I appreciate the feedback.

I got you. I see. You only need one Cert, btw. But, if we are talking SSL for the site, all pages, that cost is still very low. How it could have cost so high is beyond me, and what I quoted, was not what I know. I was quoting most of the SSL cost switching issue. SessionResume is the key here and should reduce your website SSL session handling by 10 fold. Now, the servers you have - 3 years old - they are yours? You don't co-locate? Would that help - I don't know costs of co-location and leasing of such, but it sounds like you need to go to that "next level", like Level-3. Evernote doesnt handle near the volume of Google searching, btw, I mean Google searches are in the billions of transactions per hour, so I am definitely missing something in the equation there. I dont know if you are allowed to, but if you can clarify that further?

By the way, are you using Extended Validation in your SSL conversion?

[BurgersNFries 2,407]

Anyone being concerned with encryption and that also has a Premium account, would certainly be taking advantage of encryption, and so one would need to assume that those with encryption of the Evernote notes would have to be using it. The encryption is automatic in the client when you give it a sync password. The encryption is done on-the-fly for Premium users. For data stored locally. But, just checking, I am wrong about that, then I was misled by Evernote hype and am now unhappy with my decision of chosing Evernote. Your Data on the EN servers are ALWAYS encrypted when using a Premium account. That hasnt changed for PC Premium users. Ya, they can be hacked I suppose (broken into and data taken or copied), but with encryption applied? Should be about as difficult to unencrypt as Truecrypt or Lastpass, if strong encryption is used on EN servers, and I believe it is.

To clarify, the data stored on the Evernote servers is NOT encrypted. Doesn't matter if you have a free or a premium account. The exception is if you select some text in your Evernote note, right click & encrypt it. That is available for both free & premium accounts.

[engberg 89]

You need to buy one certificate per host name (e.g. "www.evernote.com" , "forums.evernote.com", "update.evernote.com" , etc...) unless you pay a huge amount of money for a "wildcard cert" that can be used for any of the hosts in that domain. This doesn't really break even until you have something like 10 different host names that all need separate certs. This is just how the goofy Certificate Authority business model works ... the 10x price difference isn't part of the technical specs, it's just how they make their money.

The limiting factor for SSL volume is how many new connections you can accept per second. When you have millions of computers and phones that are connecting to Evernote all day and all night for synchronization, that adds up to a lot of connections, and you can't handle that easily in simple commodity CPUs, which aren't tuned for asymmetric cryptographic operations (e.g. 2048-bit RSA transformations). So it's easy to use OpenSSL when you're only dealing with a hundred thousand connections per day, but they can't keep up at higher volume, so you end up either having to power and host a huge rack of commodity hardware or go with more specialized hardware with cryptographic acceleration ASICs.

Anyway, we're happy that we were able to offer this, but just want to clarify that this isn't free when you're dealing with millions of users.

Thanks

[CLCDAN 0]

You need to buy one certificate per host name (e.g. "www.evernote.com" , "forums.evernote.com", "update.evernote.com" , etc...) unless you pay a huge amount of money for a "wildcard cert" that can be used for any of the hosts in that domain. This doesn't really break even until you have something like 10 different host names that all need separate certs. This is just how the goofy Certificate Authority business model works ... the 10x price difference isn't part of the technical specs, it's just how they make their money.

The limiting factor for SSL volume is how many new connections you can accept per second. When you have millions of computers and phones that are connecting to Evernote all day and all night for synchronization, that adds up to a lot of connections, and you can't handle that easily in simple commodity CPUs, which aren't tuned for asymmetric cryptographic operations (e.g. 2048-bit RSA transformations). So it's easy to use OpenSSL when you're only dealing with a hundred thousand connections per day, but they can't keep up at higher volume, so you end up either having to power and host a huge rack of commodity hardware or go with more specialized hardware with cryptographic acceleration ASICs.

Anyway, we're happy that we were able to offer this, but just want to clarify that this isn't free when you're dealing with millions of users.

Thanks

You need to buy one certificate per host name (e.g. "www.evernote.com" , "forums.evernote.com", "update.evernote.com" , etc...) unless you pay a huge amount of money for a "wildcard cert" that can be used for any of the hosts in that domain. This doesn't really break even until you have something like 10 different host names that all need separate certs. This is just how the goofy Certificate Authority business model works ... the 10x price difference isn't part of the technical specs, it's just how they make their money.

The limiting factor for SSL volume is how many new connections you can accept per second. When you have millions of computers and phones that are connecting to Evernote all day and all night for synchronization, that adds up to a lot of connections, and you can't handle that easily in simple commodity CPUs, which aren't tuned for asymmetric cryptographic operations (e.g. 2048-bit RSA transformations). So it's easy to use OpenSSL when you're only dealing with a hundred thousand connections per day, but they can't keep up at higher volume, so you end up either having to power and host a huge rack of commodity hardware or go with more specialized hardware with cryptographic acceleration ASICs.

Anyway, we're happy that we were able to offer this, but just want to clarify that this isn't free when you're dealing with millions of users.

Thanks

I am not sure about that, Steve Gibson spent a whole netcast on just that, where at grc.com he uses just one cert for all of his subdomains (that's what you are describing as hosts, they're not, those names before the dots of the main name are referred to as sub-domains on a Linux Server, as you cant have sub-domains on a PC server, like IIS7, you have to run some linux on top in order to create the subs, anyway...).

When I can find the episode number and transcript link, I will post here asap.

And, I don't know when you started using RSA, but RSA servers were hacked about 5 days ago, as Steve Gibson reported last week, and up to 40 million private keys were taken. You would have revieved a CYA email reently , and a link to a newer Private Key by now. If not, contact RSA asap. If you are using Verisign, kudos to you!

So, we both obviously understand the difference between SSL for all pages of a website and RSA sha-1 encryption are not connected nor related, right? I just wanted you to know what I know in this regard. If Steve Gibson proves me wrong, I will redact.

[engberg 89]

You can purchase one "wildcard" certificate that is usable across multiple subdomains:

http://www.verisign.com/ssl-certificate ... tificates/

This may convey security risks, depending on your service configuration:

http://www.sslshopper.com/article-the-r ... cates.html

And the cost of a "wildcard" cert is several times that of a single subdomain cert.

"Secure ID" tokens from the RSA corporation are unrelated to the RSA asymmetric cryptographic standard. The "RSA" in the name is a bit misleading.

The publicized compromise of RSA Corporation's "Secure ID" tokens has no bearing on the security of the RSA cryptographic standard as used in SSL. We have absolutely no relationship with the RSA Corporation, and they most definitely do not have any copies of any of our "private keys."