DrSnap 2 Posted December 7, 2013 Share Posted December 7, 2013 Hi, I have a question: how does EN deal with notes that have encrypted section when doing the History (versioning).If a text was un-encrypted at one point in the history will it be available through accessing the Note History? i.e. if someone with bad intentions comes to my note with an encrypted password can he just go to the Version History and if he's lucky find the unencrypted first verion of that note? thx:DrSnap Link to comment
Level 5* gazumped 12,070 Posted December 7, 2013 Level 5* Share Posted December 7, 2013 Bearing in mind your hypothetical bad person is already through your device password and your account password by this stage, I'd assume s/he was pretty intent on getting into your data. Anyone that keen is going to get there one way or another, and s/he only has to know the pass phrase to get there directly. But as far as I know if they do step back into the history of your account (assuming it's a Premium account) then you'll see anything that was synced with the server prior to encryption. If you make changes to the content after encryption they are presumably secure, and if you really want to belt-and-braces protect something it might be a good idea to type a couple of words at the beginning and end of several carriage returns and encrypt the paragraph, then create your encrypted text outside Evernote and cut/paste it into your pre-prepared area, and then exit the note and sync. None of that is tested by the way - please verify the outcome in your own client before shouting at me! It's not, as I've said, a feature I rely on heavily - if you do test any of this out please let us know what you find.. Link to comment
DrSnap 2 Posted December 7, 2013 Author Share Posted December 7, 2013 It's not, as I've said, a feature I rely on heavily - if you do test any of this out please let us know what you find.. Well Tested it. First I had a password encrypted then i decrypted it (to change the passphrase) but during that time it got synced for the version history. and then I encrypted it again. So now one plain text version can be found in the second last version in the history..The plaintext version can't even be deleted! So all I can do, is to delete the note completely paste it into a new one and start a new version history. Not ideal... That "bad person" could be somebody using my computer from time to time or the computer with access to a shared notebook. So it is a concern! Link to comment
BurgersNFries 2,407 Posted December 7, 2013 Share Posted December 7, 2013 It's not, as I've said, a feature I rely on heavily - if you do test any of this out please let us know what you find.. Well Tested it. First I had a password encrypted then i decrypted it (to change the passphrase) but during that time it got synced for the version history. and then I encrypted it again. So now one plain text version can be found in the second last version in the history..The plaintext version can't even be deleted! So all I can do, is to delete the note completely paste it into a new one and start a new version history. Not ideal... That "bad person" could be somebody using my computer from time to time or the computer with access to a shared notebook. So it is a concern! The "ideal" is to use a true password manager like 1Pass, Roboform, LastPass, etc. Link to comment
DrSnap 2 Posted December 7, 2013 Author Share Posted December 7, 2013 no kidding... let's say it's my dirty secrets... Link to comment
BurgersNFries 2,407 Posted December 7, 2013 Share Posted December 7, 2013 no kidding... let's say it's my dirty secrets... TMI... Link to comment
Recommended Posts
Archived
This topic is now archived and is closed to further replies.