Evernote and security


I am a new user slowly getting hooked on Evernote. I have been reading about the concerns related to storing secure information in the Evernote cloud. I guess the general recommendation is that if you consider some information should be secured, just do not store it in Evernote. Now my question is what documents should be considered secure.

1. Storing passwords in Evernote or any cloud service is a terrible idea. I get this.

2. Bank statements - some have said that the account number in bank statements is secure information. Can someone explain why this is secure information? What happens when some hacker gets access to it?

3. Tax returns - can these be kept in Evernote? They contain Social Security numbers etc.

What do you all do? What kind of information do you NOT keep in Evernote? Where do you store such information (e.g. another cloud service that supports encryption on storage)? How do you integrate that cloud service with your Evernote workflow?

  • Level 5*

Hi. The more I think about this, the less I can put onto the cloud, until there is almost nothing left. The problem is that any information gathered on you can easily be put to nefarious ends, even web clippings.

One way to approach this problem is to step back and think of what scenarios are most likely to cause you trouble if all of your data was dumped on the Internet for everyone to see. I think I wouldn't be comfortable with my passwords, bank statements, and tax returns out there. Some people would be OK with it, and we simply have different privacy thresholds. I guess almost everyone would be OK with grocery lists and other seemingly innocuous data, right? Practically speaking, local notebooks for private things and regular notebooks for other stuff might be a good way to go.

Remember -- once it is uploaded to the cloud, you should consider it "public," because just about everything on the cloud is accessible to someone else (Evernote employees, law enforcement officials, hackers if there is a breach, etc.). As long as you keep that in mind, you shouldn't have any trouble.

  • Level 5
Putting your sensitive data in a local non-synchronized notebook in Evernote is safer, but keep in mind that you will only be able to access it with your local client, not the web or your mobile devices. And it is important that you back up this info regularly.

Here are a couple of perspectives from senior Evernote employees:

On the Evernote podcast (#18) the Evernote VP of Marketing, Andrew Sinkov, said he stores his tax returns on Evernote. He said it could be kept local, but he prefers to keep it synced via the server.

The Evernote CTO, Dave Engberg, offered this explanation of why Evernote would be crippled if it offered "meaningful" encryption:

"If a server has access to encrypted data, and access to the keys required to decrypt that data (for searching, display on the web, etc.), then anyone who successfully attacks that server has access to your data. If someone can gain control of that server, then the encryption has absolutely no value (other than making things slightly inconvenient). The attacker can make the server decrypt the data and read whatever she wants."

"Meaningless encryption offers the illusion of security, which is frequently more dangerous than intentionally and transparently omitting encryption."

"The only "meaningful" encryption would require that Evernote does not have a copy of the keys to decrypt the data at all. I.e. we just store a big blob of data that can only be decrypted by a client that has the keys. This would mean: no web interface, no "thin" mobile clients, no image processing/OCR, etc. If you lose/forget your personal encryption key/passphrase, then your data is basically unrecoverable (since Evernote doesn't keep a copy of the key)."

"This is actually what we do for the "encryption" feature within Evernote ... if you select some text in a note and encrypt it, that is encrypted with your passphrase, and Evernote does not have any secret "back door" to read your encrypted data. This is why you can't search for the contents of encrypted regions from the web ..."

"i.e. you're talking about an opaque file storage service, like one of the secure backup services. Not "Evernote." While these sorts of services have their place, that's not what Evernote's consumer service aims to be."
- Dave Engberg (Evernote)
  • Level 5*

The way I view and use Evernote is this:

  1. Don't put anything unencrypted into Evernote that I consider sensitive.
  2. For sensitive documents I want in Evernote, I encrypt them first (like PDFs).
    1. Many PDF tools offer 128-bit encryption.
    2. Adobe Acrobat X (and later) and other tools also offer 256-bit encryption, but you won't be able to view the PDFs inline.

Finally, I am in the process of evaluating Wuala, which provides highly encrypted cloud storage that can also sync to your local files like Dropbox.

The way I view and use Evernote is this:

  1. Don't put anything unencrypted into Evernote that I consider sensitive.
  2. For sensitive documents I want in Evernote, I encrypt them first (like PDFs).
    1. Many PDF tools offer 128-bit encryption.
    2. Adobe Acrobat X (and later) and other tools also offer 256-bit encryption, but you won't be able to view the PDFs inline.

Finally, I am in the process of evaluating Wuala, which provides highly encrypted cloud storage that can also sync to your local files like Dropbox.

I use this approach too.

I don't have many documents I consider too sensitive to hold in my EN cloud. If I want a protection layer on some file I use the document's original built-in password protection (for MS Office documents or PDFs) or I compress it with encryption before uploading it to EN. I lose the possibility of finding the note through search within the document, but I can still find it by words in the description or tags etc.

To minimize the risk of unauthorized access I use two-factor authentication on my account and password-protect my mobile devices.

If someone wants to hack my EN and will invest enough effort I guess they could, but I don't have any top-secret information there as I usually keep the nuclear launch codes on a different system.

  • 9 months later...

Now that EN has a business subscription model, how does this fare with security? To run a business you need to put sensitive data online to share with other employees, such as client information, payment methods, invoices.

If this is not secure, is EN a viable business solution?

I'm in the UK. Am I right in believing that my data is stored in Switzerland, not the US? Also, if my data is stored in the US, as I am not a US citizen, does the US government need a court order to access my data?

  • Level 5*

Hi. If your business emails the information, then it is just as secure, if not more so. Whether Evernote is viable depends on the needs of your business. In my career (teaching and research), I avoid cloud services that lack zero-knowledge encryption, and I refrain from emailing anything with sensitive information. This means, of course, that I get very little use out of Evernote now (I used it a lot as a graduate student handling very little sensitive data). It lacks encryption, and after I weed out all of the sensitive files (with information about me, my students, my institution, etc.), I am left with nothing but web clippings and some random jottings. It's unfortunate, but there isn't much that can be done about it at the moment.

You are wrong about your data. It is stored in the US, which makes it accessible to the US government.

https://evernote.com/intl/jp/legal/privacy.php

You are not a US citizen, so I think the government has a lot more leeway, but as far as I know, it still must present a court order to see your data. While this is a valid concern and an especially important issue, it is probably more likely that the average user will have their privacy/security threatened by a rogue employee (no cases at Evernote yet, as far as I know, but it has regularly happened at other places) or a hacker. However, this is still a threat you would have with most email services as well.

Evernote does a lot of things right with security, and is ahead of many other companies I use, but it seems to me that they could do a lot better.

  • Level 5
Quote by Evernote's CEO when Evernote Business was launched:

"I think companies that are not comfortable using the cloud aren't going to be Evernote customers," Libin said. While he estimated that may eliminate 50 percent of potential corporate business, he expects that more companies are going to get comfortable using cloud products in the future. Libin isn't expecting to sell to financial institutions since, he said, that is the industry least likely to purchase cloud products at the moment. However, the creative industry is already using a lot of cloud products, he added. "I think the opportunity is huge," Libin said.

  • Level 5*
Here are a couple of perspectives from senior Evernote employees:

On the Evernote podcast (#18) the Evernote VP of Marketing, Andrew Sinkov, said he stores his tax returns on Evernote. He said it could be kept local, but he prefers to keep it synced via the server.

I would expect nothing less from the VP of Marketing.

Thankfully, Evernote has the local notebook option. It blows my mind that there are somewhat similar products that do not offer local storage - I think many users are oblivious to the risks. While it's true that Google doesn't offer local storage for just about any product they have, and many millions of people use Google products, Google has a much larger security budget than any personal information management software company.

  • Level 5*

i'm perfectly comfortable using the cloud (someone else's server that i connect to through the internet), but not unencrypted. it's not about comfort. it's about security.

i think there'd be a larger opportunity for them if they used encryption, but i guess they've run the numbers and determined that it's more cost effective to leave it out of Evernote. i've never been able to figure out why. dave (cto) and phil (former ceo) have made it clear over the years that evernote isn't well-suited for people whose workspaces need encryption.

  • Level 5*

in my opinion, it's not a matter of budget, trustworthiness, or innovation. everyone is vulnerable to some degree, regardless of the money or resources companies throw at the problem. if anyone is thinking they haven't had their data scooped up yet, they have. they just don't know it.

when everything is encrypted and only we have the keys, then we'll be a lot better protected when (not if) our files are accessed without our permission.

  • Level 5
Back in the good old days, when Evernote employees were more open with their comments, I grabbed the following info posted by Dave Engberg (in 2009). A lot has changed since then.  Edward Snowden did not hit the security headlines until 4 years later. I wish Evernote would still be this open and sharing with their information. But as they got bigger, I presume they had to start washing and filtering their public comments through a department of legal advisors first.

Excerpts from Dave Engberg - Chief Engineer at Evernote - 2009

* [Evernote] mitigates these risks through a layered set of security policies and technologies.

* Your login information is only transmitted to the servers in encrypted form over SSL, and your passwords are not directly stored on any of our systems.

* There's no uber-index of contents of accounts ... we maintain separate user search indices of each user on decentralized storage with no cross-access between individual servers.

* Like a secure banking site, we encrypt the connections via SSL so that someone on your network can't see your data go by. Your checking balance is not encrypted in your bank's databases, however, and your notes are not encrypted within Evernote.

* Our Privacy Policy and Terms of Service restrict what we can (and would) do with your data ... in particular, we have never (and will never) give your own data to other parties.

* When you add a note to the service, it is secured like your email would be at a high-end email provider. This means that your notes are stored in a private, locked cage at a guarded data center that can only be accessed by a small number of Evernote operations personnel.

* Physical access to all storage (online and offline-backup) requires multiple authentication factors in protected facilities, and is restricted to only the four full-time IT/Operations staff that maintain the servers.

* Even Phil, the CEO, doesn't have passcards and keys to the data center. Security policy says that the departure of any such staff will result in full rekey and change of all passwords, etc.

* Administrative maintenance on these servers can only be performed through secure, encrypted communications by the same set of people. All network access to these servers is similarly protected by a set of firewalls and hardened servers.

* If you have some notes that you only want to access from a single computer, you can place these into a "Local Notebook" on our Windows or Mac client. Notes in a Local Notebook are never transmitted to our service, so they aren't accessible from the web, or from your other computers.

and more comments from Dave Engberg - Chief Engineer at Evernote - in 2010:

If a server has access to encrypted data, and access to the keys required to decrypt that data (for searching, display on the web, etc.), then anyone who successfully attacks that server has access to your data. If someone can gain control of that server, then the encryption has absolutely no value (other than making things slightly inconvenient). The attacker can make the server decrypt the data and read whatever she wants.

Meaningless encryption offers the illusion of security, which is frequently more dangerous than intentionally and transparently omitting encryption.

The only "meaningful" encryption would require that Evernote does not have a copy of the keys to decrypt the data at all. I.e. we just store a big blob of data that can only be decrypted by a client that has the keys. This would mean: no web interface, no "thin" mobile clients, no image processing/OCR, etc. If you lose/forget your personal encryption key/passphrase, then your data is basically unrecoverable (since Evernote doesn't keep a copy of the key).

This is actually what we do for the "encryption" feature within Evernote ... if you select some text in a note and encrypt it, that is encrypted with your passphrase, and Evernote does not have any secret "back door" to read your encrypted data. This is why you can't search for the contents of encrypted regions from the web ...

I.e. you're talking about an opaque file storage service, like one of the secure backup services. Not "Evernote." While these sorts of services have their place, that's not what Evernote's consumer service aims to be.

Many thanks for the responses. It seems that if you want security, then forget the cloud!

I've tried various encryption options, from encrypting the text myself with gpg to using Saferoom (easiest option) or Encrypto. However, I've come to realise that zero-knowledge encryption would remove the majority of EN features. If everything was encrypted in EN then you'd be able to find nothing. Especially if the content is what you're trying to search!

I've been using Saferoom and think it's probably the best way to go. Saferoom encrypts the note's content, but not tags or title. If you have a descriptive title and tags, you should be able to find your content with ease.

I would imagine EN will never bring out proper zero-knowledge encryption as it would stop them being able to search and index stuff. Any item that is encrypted would be removed from the index. Saferoom is probably as close as we're going to get.

It has made me ask the question whether I really need things in the cloud, but it is useful to have your data everywhere, as more than once I've needed a particular document at the bank, at an airport or in a meeting and EN has been great. I do have Devonthink Pro Office, but this really doesn't have proper mobile support as the iOS app hasn't been developed in a long time. I also like the fact that EN gives me an extra layer of backup offsite, being in the cloud. Encrypted documents in Dropbox are OK, but decrypting them on mobile is a problem.

I fear that with the rise of government snooping and global hacking, the cloud is on a long course for failure. Searching has become the de facto way of retrieving data and encryption closes that door. Apart from searching within an encrypted environment, I cannot see a way forward. It essentially means all our systems need to change. We need tools that provide an encrypted environment, and all the other tool features need to run inside this environment.

  • Level 5*

searching encrypted databases seems to be a challenge that folks are handling pretty well, from what i have seen on the web. if the encryption is done client-side, and unencrypted when the app is open, there's no problem. voodoopad, for example, seems to have managed it just fine. i think the evernote folks are pretty smart, and they "could" do it, but they don't want to for other reasons. in other words, it isn't the technical challenge (i guess -- i'm no expert). it's a design decision. if i had to guess, i'd say they are waiting to see how govt. regulations in the us are going to shake out, because there is an idea in some governments (the us and uk) that the government should be able to access anything on anyone's servers. this is obviously antithetical to zero-knowledge encryption.


[edit]: whoops. forgot about the elephant in the room. microsoft apparently has zero-knowledge encryption for onenote. if this is true (i haven't been able to confirm it with any microsoft literature, and i haven't tested it to see how the search works), then that would not only be clear evidence that zero-knowledge encryption is technically feasible, but it would also call into question my guess about evernote's reasoning for not adopting it. after all, if microsoft offers zero-knowledge encryption and the govt. is ok with that, what's to stop evernote from doing it?

  • Level 5*

However, I've come to realise that zero-knowledge encryption would remove the majority of EN features. If everything was encrypted in EN then you'd be able to find nothing. Especially if the content is what you're trying to search!

I've been using Saferoom and think it's probably the best way to go. Saferoom encrypts the note's content, but not tags or title. If you have a descriptive title and tags, you should be able to find your content with ease.

I would imagine EN will never bring out proper zero-knowledge encryption as it would stop them being able to search and index stuff. Any item that is encrypted would be removed from the index.

. . .

Searching has become the de facto way of retrieving data and encryption closes that door.

Sorry, but I have to disagree that encryption prevents searching.

As you stated with regard to SafeRoom, Evernote could just encrypt the Note contents and leave all of the metadata (Note Title, Tags, dates, etc.) as clear text.

So if you plan to encrypt a Note, you would just make sure you had a good descriptive title (with keywords) and a good set of Tags to facilitate searching.

In fact I think this would work very well. Most of my Notes are of some type of reference material or of a historical nature, neither of which is sensitive information. They don't need encryption. But a few of my Notes would be sensitive, and would need encryption.

In either case, I rely mostly on the Note Title and Tags to search/find my info. It is a rare occasion that I need to do a full text search.


Sorry, by talking about encryption preventing searching I meant the present EN setup. The content of an encrypted note is not searchable.

I'm leaning more and more towards Saferoom. I have to spend some time thinking through the cloud issue, as how I go on now reflects the future. If I remove sensitive data to a Mac-only app, I see little point in retaining the use of Evernote. The idea is to have everything in one place. I have Devonthink Pro Office, but never liked using it although it is powerful, plus its iOS app is woeful.

An EN alternative would be to place sensitive data in a local notebook only. Does anyone do this, and how is it working out practically? I'm assuming that local and synced notebooks are all searchable with the local EN app?

  • Level 5*

local notebooks are a great security feature in evernote, and i thought they worked well for me when i had them (searching is fine), though the obvious drawback is the inability to sync. if you only work on one device, or if you can effectively separate private (local) and public (synced notebooks) stuff, then they are ideal.

i am pretty impressed with devonthink, myself, and i think if you only work on a mac, it really is the best way to go. evernote's selling point is its ubiquity, and while it could be called the best notetaking app found on every platform, i don't think many people would claim that it is the best personal information manager / notetaking app on the mac. or on windows (connectedtext?) for that matter.

the ios app for devonthink isn't that bad. it's kludgy and certainly not as polished as evernote's, but it gets the job done, and it can sync through wifi, which makes it possible to securely sync between devices without the cloud. this is a huge benefit for the security conscious and anyone traveling away from an internet connection.


GrumpyMonkey, you sound like you're gradually going off EN?

The attraction of EN for me is the many ways of getting things in. I can add anything easily to EN from any device. That can't be said for Devonthink. The retrieval on mobile is also great.

The whole security and encryption thing has ruined the simplicity of the internet. I know it was never there, but tools that were great to use now need to be filtered through a whole bunch of security questions. At this rate I won't be using the cloud, period. Especially if Cameron manages to push through his crazy anti-encryption legislation.

  • Level 5*

So what's wrong with putting encrypted PDFs into the Evernote cloud?

All of the metadata of the Note where the PDF is attached would still be searchable.

Furthermore, one could, if so desired, add keywords and even an abstract that are not sensitive info at the top of the Note.

This, of course, would be available for search.

  • Level 5*

An EN alternative would be to place sensitive data in a local notebook only. Does anyone do this, and how is it working out practically? I'm assuming that local and synced notebooks are all searchable with the local EN app?

I use local and synced notebooks. It works fine, but of course you can only search/access the local notebook notes on one computer. It would be nice to have access to all notes from any device, but I find that from a practical perspective this is rarely necessary, at least in my case. So I have no problem separating the sensitive stuff into a local notebook, and everything else goes to synced notebooks.

If EN dropped local notebooks, I'd drop EN, because it's only a matter of time before that growing treasure trove of data on EN's servers proves very attractive to very capable hackers.

  • 6 months later...

Does anyone know if there is an update on this?

I've not been using EN for 6 months and am looking at my options. Secure encrypted data is now a must. I see no value in unencrypted data in the cloud. Even personal family data requires security. EN is becoming less and less viable unless this changes. What are the chances of that happening? People keep mentioning the local notebooks, but that defeats the purpose of EN for me, especially as I also have Devonthink.

If EN added an ability to sync via wifi to mobile devices, that would solve most problems.

Will EN find fewer and fewer people/organisations using EN? I work for a charity in the UK, and charity law forbids the use of EN as I must prove that I'm using reasonable precautions when dealing with personal data. Reasonable means encrypted, from email to online storage. At the rate things are going, either everything will need to be encrypted or digital systems will be unviable.

Perhaps I need to start carrying my data on an encrypted USB drive and forget the cloud. The only problem is that there doesn't appear to be access to encrypted USB drives on mobile devices from Apple. If I could just plug my USB drive into my iPhone and search, that would be great!

  • Level 5*
23 minutes ago, why? said:

Does anyone know if there is an update on this?

Can you be more specific as to what you want updates on?

Yes, some (all?) of your data should be encrypted if it goes into the cloud.
Or for the more paranoid, even if it goes into your computer.
Evernote offers an encryption tool, and there are external solutions.

Maybe I should be more paranoid, but I feel some sense of security in using the native Evernote cloud services.
Of course I do encrypt sensitive data.
It's not like I'm posting on a public web page or forum.

>>I see no value in unencrypted data in the cloud

It would be very inconvenient to keep my shopping list encrypted.
Encrypting the data means it's not available for services like Evernote's image/PDF OCR or sharing notebooks.
I've built up a reference database and want easy access to it - it's mostly public web clippings and scanning.


I'm asking if EN are becoming HIPPA and FERPA compliant or at least moving to a more secure information repository.

Although I agree that generally keeping your shopping list in the cloud doesn't need encryption that's exactly the kind of information amazon, google etc are interested in. It comes back to being able to accurately profile people. The more information you have on an individual the the easier to sell them something or impersonate them. One shopping list may not be an issue, but if I had your shopping lists for the past 12 months that may begin to compromise your security. My mobile phone contract can be altered by telephone with only three pieces of information. DOB, zip code, and payment method. On there own these pieces of information may seem insignificant and not requiring encryption, but together they could be used to steal your identity. Image that you store 10 years of your life in evernote. Little pieces of information that may seem to pose no security threat whatsoever, but add them together; your parking tickets, shop receipts, tweets, facebook posts, emails, text messages, etc and someone could build enough of a profile to begin to hack your life. Why would folks want to do that? Usually money.

Sadly the internet isn't secure anymore, really it was never secure, but we're now in the position where people know that they can get information from unwitting folks and use it to extract money. The internet is not the same as it used to be. You've now got to look at possible scenarios. Most folks are often too lazy to store one set of data in an encrypted format because of effort. So they mix sensitive and less sensitive data. Many large corporations have been hacked. Just because EN hasn't doesn't mean it's secure. The real security is in how people can access the information once they're in.

I don't know what the answer is. The more security, the less easy the software becomes to use. Increase the number of plugins that can access the service and you increase the possibility of holes. Even the great Apple corporation have not yet fully stopped jailbreaking and they've been trying for 7 years. Is it unreasonable to expect EN to make sure that I can encrypt my data on my client? Now I know this is already possible, but it is piecemeal at best. I want to encrypt notebooks, I want a password entered when opening the app and another one when opening specific notebooks, I'd like data encrypted at rest. Ultimately it's a fight between ease of use and security. This will change when someone hacks EN and data is stolen, but that is putting up the fence after the event in my opinion.

Link to comment
  • Level 5*
9 minutes ago, why? said:

I'm asking if EN are becoming HIPAA and FERPA compliant or at least moving to a more secure information repository.

HIPAA and FERPA compliance - Now that is taking the discussion to a new level.
I haven't looked at that for a while, but I seriously doubt that EN fits in.

I'm not sure what you mean by "a more secure information repository."
Evernote has implemented a certain level of security; as a user you can supplement that.
What are you asking Evernote to implement?

Link to comment
  • Level 5*
11 hours ago, why? said:

The more information you have on an individual the the easier to sell them something or impersonate them. One shopping list may not be an issue, but if I had your shopping lists for the past 12 months that may begin to compromise your security.

Do you use any Google products, like GMail, Google Search, Google Maps, or Google Chrome browser?

If you do, then Google already has a tremendous amount of info about you.  In my case, far, far more than could be mined from my Evernote account, and I have over 16,000 notes.

Link to comment
  • Level 5*
11 hours ago, why? said:

Data secure at rest and encrypted. Not individual notes, but all data

Got it.

Evernote currently only offers encryption at the text level within a note.

So, the request would be for the option of encryption at the note/notebook/all levels.

Link to comment
6 hours ago, JMichaelTX said:

Do you use any Google products

Nope. For that very reason. Google are a massive concern as they do not respect anyone's privacy. I don't even use their search engine. Google are more like a virus that looks to get its tentacles into every area of your life. After not agreeing with Google's latest privacy policy (where they now store your browsing history on their servers, not in cookies on your machine, so you can't delete it) I found I was locked out of using Google as a search engine. In my opinion Google is no longer a search engine but a classified ads service that ranks results according to payment and their opinion on how people should build their websites.

It seems that until something changes, the cloud is not a secure place bar those offering zero knowledge encryption. If only every cloud based organisation offered that facility. Pardon my paranoia, but I live in the UK and we're the worst. We're the most CCTV covered country in the world and our government's policies on privacy are rapidly removing our right to keep your information private. I'm beginning to understand why people are going offline.

Is there any way to run Evernote off a USB?

Link to comment
  • Level 5*
4 hours ago, why? said:

Is there any way to run Evernote off a USB?

Not that I know of.

>>Do you use any Google products Nope. For that very reason.
I acknowledge your concerns and it's good that you are aware of the compromise to your security/privacy.  I think many people are blind to this, however would still use the services even if they thought about it.

And given your concerns (as you say, paranoia) I understand your desire for complete encryption of your Evernote data. Since it's not currently an option, the only solution I see is a third party application to encrypt your data before adding it to Evernote.
Link to comment
1 hour ago, DTLow said:

And given your concerns (as you say, paranoia) I understand your desire for complete encryption of your Evernote data. Since it's not currently an option, the only solution I see is a third party application to encrypt your data before adding it to Evernote.
I think the real decision is to either separate clearly all sensitive from non-sensitive data and place the sensitive elsewhere. However, I don't think that there is any non-sensitive data, certainly not in terms of prolonged collection of data that EN encourages. Encrypted notes in EN are essentially the same as local notebooks as searching and reading them becomes impossible on mobile. Let's face it EN needs data unencrypted for it to be viable. Without that most of EN's features become irrelevant. Maybe the position I have arrived at is in setting my personal criteria for acceptable cloud storage. This has to be zero knowledge full encryption. So sadly EN is no longer suitable.

I do wonder if anyone else thinks this way and if EN are going to have to offer this at some point or lose custom?

What I don't understand is that if EN is not FERPA/HIPAA compliant, how can businesses be using EN to store sensitive client details? Do businesses have no legally required compliance in storing customer data?

Link to comment
  • Level 5

No matter how secure a site is, there is always someone who wants more.

Back in the good old days, when Evernote employees were permitted to discuss Evernote issues more openly, I captured some interesting security related comments:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

  • Dave Engberg - Evernote CTO

If a server has access to encrypted data, and access to the keys required to decrypt that data (for searching, display on the web, etc.), then anyone who successfully attacks that server has access to your data. If someone can gain control of that server, then the encryption has absolutely no value (other than making things slightly inconvenient). The attacker can make the server decrypt the data and read whatever she wants.

Meaningless encryption offers the illusion of security, which is frequently more dangerous than intentionally and transparently omitting encryption.

The only "meaningful" encryption would require that Evernote does not have a copy of the keys to decrypt the data at all. I.e. we just store a big blob of data that can only be decrypted by a client that has the keys. This would mean: no web interface, no "thin" mobile clients, no image processing/OCR, etc. If you lose/forget your personal encryption key/passphrase, then your data is basically unrecoverable (since Evernote doesn't keep a copy of the key).

This is actually what we do for the "encryption" feature within Evernote ... if you select some text in a note and encrypt it, that is encrypted with your passphrase, and Evernote does not have any secret "back door" to read your encrypted data. This is why you can't search for the contents of encrypted regions from the web.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

  • Heather Wilde - Evernote Support Maven said:

lots of people are asking us to do just that [total complete encryption]. And as I said way back in the early pages of this thread, it's kind of antithesis to the whole point of Evernote. We kind of don't understand why you would want to *use* Evernote if you can't use the major whiz-bang features of it. For example, if we introduced full notebook encryption, presumably we'd have to have a way to *decrypt* those notebooks on all the clients that we sync to as well, or your notes would be worthless everywhere except where they're decryptable.

Additionally, on the mobile clients, even if you could decrypt them, you'd be limited to scrolling through your notes in those notebooks to locate the one you want, because we don't index encrypted content. So, it just makes us a really unwieldy note program.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

  • Andrew Sinkov - Evernote VP of Marketing (prior position Corestreet - Identity & Access Management) 

On Evernote podcast #18, Andrew said he stores his tax returns on Evernote. He said it could be kept local, but he prefers to keep it sync'd via the server.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

Those comments were in the past. I don't know where Evernote security is going today.

Link to comment
  • Level 5*
1 hour ago, why? said:

What I don't understand is that if EN is not FERPA/HIPAA compliant, how can businesses be using EN to store sensitive client details? Do businesses have no legally required compliance in storing customer data?

To my limited knowledge FERPA and HIPAA would not affect all businesses, more health and education verticals. 

Good question on "standard" customer data, beyond credit card information, SSN and the like.

Net of it all, it does not sound like EN will meet your encryption requirements.  Quite a few other posts in these forums on this topic.  Look up a user name GrumpyMonkey, he has strong views and ideas as well.

Link to comment

Many thanks. I appreciate that HIPAA and FERPA are specific, but thought there must be some governing standard for businesses? Can they store their clients' payment details in EN? I just seem not to understand how EN Business works, as I assumed that would invariably include some sensitive data or personal information and would have to follow some government standards similar to FERPA. I know as a UK charity you cannot use EN for personal information from those in your charity data.

Link to comment
  • Level 5*

The UK has some serious data protection regulations which prevent any 'personal data' being stored electronically without suitable and sensible safeguards, and most specifically objects to data being moved outside the UK - with some very precise exceptions.  What you do with your own data though,  is (AFAIK) up to you. 

'Vanilla' Evernote wouldn't be suitable for any institution or charity to record such data about individuals,  although it's perfectly acceptable to use the app for products,  technical information and the like.  Personal data could be encrypted with Saferoom or something similar  (get professional advice before you design your complete system around encryption!) but that then makes it unsearchable, which is kind of the point of getting your customer base into a searchable context like this one.  Better to use Evernote as an information distribution center on any relevant topics,  but keep your CRM running on your own local system.

The point here being that 'local' regulations around the world are more important to users than any general business or IT principles related to security.  There's a whole industry out there of catastrophe insurers who'll insure your business against losses from hacking or data loss,  but things start to get really expensive if you annoy the data protection authorities - I don't think you can insure against their monetary penalties,  and that ain't all they can do to you if you get it really wrong...

However Evernote is never the bad guy in the UK - if I keep things in my database that get me in trouble,  that's my lookout!

Link to comment
  • Level 5*

From my store-based retail experience we encrypted the credit card number from the POS terminal to the approver; we never saw the number, or the PIN if it was a debit card.  Other than that, not a point of expertise for me.  Perhaps someone with more knowledge will chip in.  In any case, based upon the hacks in the news in recent years, whatever standards and encryption may be in place aren't working all that well.  So if you don't want it seen, the cloud isn't the place for it.

Link to comment
  • Level 5
13 minutes ago, gazumped said:

The UK has some serious data protection regulations which prevent any 'personal data' being stored electronically without suitable and sensible safeguards, and most specifically objects to data being moved outside the UK - with some very precise exceptions. 

Does that mean that Evernote keeps a room of computers on British soil for their cloud storage of UK customers?

I expect that is the case for Chinese customers, but has it expanded to each of the countries in the EU?

Link to comment
  • Level 5*

There's something called the Safe Harbor agreement under which personal data can be exported from the UK to the US - there was some excitement recently when it was challenged and (in theory) no US company could take personal data outside the UK.  Facebook,  Google and quite a few other companies were 'concerned',  and did talk about the possibilities and implications of server farms in different countries.

No surprise however,  the agreement was re-approved last year,  and is back in place.  (That's why I mentioned 'very precise exceptions'.)  I assume,  but don't know,  that Evernote meets the requirements of the agreement.  If someone complained to our data protection authority - called the Information Commissioner these days - the IC would investigate an alleged infraction and take any necessary action. 

I don't know what resources Evernote has in the UK,  but I'd bet they're as international as any big IT company.

Link to comment
  • Level 5*
7 hours ago, why? said:

Encrypted notes in EN are essentially the same as local notebooks as searching and reading them becomes impossible on mobile. Let's face it EN needs data unencrypted for it to be viable. Without that most of EN's features become irrelevant.

I have seen this statement made numerous times, but I believe there is an approach that provides encryption and still allows searching.

This is very simple:  encrypt ONLY the Note contents.  

  • Thus all of the Note metadata (Title, Tags, dates, etc) would still be available to search on.
  • Your sensitive data would be encrypted and protected
  • You could still search (find) text in a Note after you have decrypted it.
  • Perhaps there could be a feature/option to decrypt selected Notes (including all) on your desktop.

IMO, this encryption approach is a very viable solution that still supports most of Evernote's features.

Link to comment
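The split JMichaelTX proposes (metadata in clear, body encrypted with a key the server never holds, which is also the distinction Dave Engberg draws above) can be modelled in a few lines. This is an added example, not code from the thread or from Evernote: it assumes a hypothetical NoteServer that stores title and tags in clear and the body only as a client-encrypted blob, derives the key from a passphrase that stays on the client, and uses HMAC-SHA256 in counter mode as a stand-in keystream for a real AEAD such as AES-GCM, since the Python standard library ships no block cipher.

```python
import base64
import hashlib
import hmac
import os

KDF_ITERATIONS = 100_000  # assumption: PBKDF2 cost chosen for this demo


def _b64(b: bytes) -> str:
    return base64.b64encode(b).decode("ascii")


def _unb64(s: str) -> bytes:
    return base64.b64decode(s)


def derive_keys(passphrase: str, salt: bytes) -> tuple:
    """Derive independent encryption and MAC keys from the passphrase.
    Only the client runs this; the server never sees passphrase or keys."""
    km = hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"), salt,
                             KDF_ITERATIONS, dklen=64)
    return km[:32], km[32:]


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode: a PRF keystream standing in for a real cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_body(passphrase: str, plaintext: bytes) -> dict:
    """Encrypt-then-MAC the note body; returns a JSON-friendly opaque blob."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = derive_keys(passphrase, salt)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    return {"salt": _b64(salt), "nonce": _b64(nonce), "ct": _b64(ct), "tag": _b64(tag)}


def decrypt_body(passphrase: str, blob: dict) -> bytes:
    """Verify the tag before decrypting, so a wrong passphrase or any tampering
    fails loudly instead of returning garbage."""
    salt, nonce, ct, tag = (_unb64(blob[k]) for k in ("salt", "nonce", "ct", "tag"))
    enc_key, mac_key = derive_keys(passphrase, salt)
    expected = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication failed: wrong passphrase or modified data")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


class NoteServer:
    """Hypothetical sync server: it indexes title and tags, but the body reaches
    it only as ciphertext, so a compromise of the server exposes metadata alone."""

    def __init__(self):
        self.notes = {}

    def store(self, note_id: str, title: str, tags: list, body_blob: dict):
        self.notes[note_id] = {"title": title, "tags": tags, "body": body_blob}

    def search_metadata(self, term: str) -> list:
        term = term.lower()
        return sorted(nid for nid, n in self.notes.items()
                      if term in n["title"].lower() or term in (t.lower() for t in n["tags"]))

    def search_body_text(self, term: str) -> list:
        """What a server-side full-text search can see: only the ciphertext bytes."""
        return sorted(nid for nid, n in self.notes.items()
                      if term.encode("utf-8") in _unb64(n["body"]["ct"]))


def client_search_body(server: NoteServer, passphrase: str, term: str) -> list:
    """Client-side search: decrypt each body locally, then match the text."""
    hits = []
    for nid, n in server.notes.items():
        try:
            text = decrypt_body(passphrase, n["body"]).decode("utf-8")
        except ValueError:
            continue  # not this passphrase's note, or tampered with
        if term.lower() in text.lower():
            hits.append(nid)
    return sorted(hits)


def demo() -> dict:
    """Constructed sample notes (not real account data)."""
    srv = NoteServer()
    pw = "correct horse battery staple"
    srv.store("n1", "Bank statement Jan", ["finance"],
              encrypt_body(pw, b"Account 12345678 sort code 00-00-00"))
    srv.store("n2", "Shopping list", ["home"], encrypt_body(pw, b"milk, eggs, bread"))
    return {
        "meta_hits": srv.search_metadata("finance"),                 # ['n1']
        "server_body_hits": srv.search_body_text("Account"),         # []
        "client_body_hits": client_search_body(srv, pw, "account"),  # ['n1']
    }
```

The trade-off the thread keeps returning to is visible in demo(): tag and title search works on the server, body search only works after the client has decrypted, and OCR or web display of the body would need the same client-side step.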

The difficulty is that there seems to be no simple solution. Although I appreciate the "encrypt the note content" method this is not viable with large amounts of data. Essentially for EN to be secure it needs to create a secure environment to work in. Much in the same way 1password operates. You login and do your work and log out. Everything remains encrypted and secure.

In essence, encrypted environments do not seem to cover cloud or mobile well. Getting items encrypted is not an issue, there are many tools. Decrypting on the fly on any device is an issue. If this is not possible, then placing encrypted data in the cloud serves no purpose apart from backup.

I believe that as information hacks and theft increase, companies like EN will have to create such environments or lose custom. I've been very happy with EN, but the internet is rapidly evolving and sadly hacking is here to stay. I'm finding my use of online services decreasing simply because they are not secure, from email to sending text messages. Am I prepared to store years' worth of data on company servers in an unencrypted form with the possibility that at some point the company may be hacked? No I'm not.

Link to comment
  • Level 5*
On 2016-01-26 at 11:38 PM, why? said:

I'm asking if EN are becoming HIPAA and FERPA compliant or at least moving to a more secure information repository.

.... Ultimately it's a fight between ease of use and security. This will change when someone hacks EN and data is stolen, but that is putting up the fence after the event in my opinion.

I wish that Evernote had zero-knowledge encryption for everything, but it does not, and I doubt it ever will. Some people argue that Evernote would become unusable if it did have zero-knowledge encryption (things become inaccessible, unsearchable, etc.), but I believe they are incorrect (see link below) and, while it may be a fight between ease of use and security, the hurdles are not so high -- I think you'd be surprised to find out how convenient security can be. 

COMPLIANCE

Evernote is not HIPAA compliant and they don't intend to be (last time they talked about it). Evernote is (understandably) taking a hands-off approach to the thorny issue of "compliance" with other laws, saying in their TOS: "you agree that you are responsible for complying with the U.S. Children's Online Privacy Protection Act (“COPPA”) and, to the extent applicable, The Family Educational Rights and Privacy Act (“FERPA”)." As far as FERPA goes, I think that if you are an educator including unencrypted data on your students in your account (names, grades, papers, etc.) then you are exposing yourself to quite a bit of risk, and I would strongly urge you to avoid doing that. The University of Michigan, for example, prohibits faculty and staff from using their accounts for such things.

http://safecomputing.umich.edu/dataguide/?q=node/62

ALTERNATIVES

Encrypted alternatives to Evernote exist, beginning with the most obvious one -- OneNote. I'm still unclear about the details with it, especially when working on mobile, so I cannot say this is the best solution for your situation. Personally, I don't use it. I much prefer DEVONthink (OSX and iOS), which provides encrypted syncing through Dropbox (if you want) or syncing through wifi / bluetooth (avoiding the cloud entirely) for mobile devices.

http://www.christopher-mayo.com/?p=1605

EVERNOTE

You can still use Evernote for some things while using another app for others. Evernote has a ton of great features, amazing developers, and lots of potential. Certainly, the effortless syncing is an amazing feat that no one else has quite managed for notetaking / personal information manager apps. As my career has changed and I've had to deal with more and more sensitive information (my own and that of others), I've had to use Evernote less and less, but if I was still a student or had a job that didn't require me to take measures to protect data on the cloud, I'd definitely be using Evernote a lot more. I hope they change their position on encryption / security, but until then, you may want to try out the alternatives I mentioned.

Link to comment
  • Level 5*
18 hours ago, why? said:

Although I appreciate the "encrypt the note content" method this is not viable with large amounts of data.

I disagree.  The note content is actually stored separate from the Note metadata.  I see no issues specific to storing large amounts of data.

Link to comment

EN's security seems somewhat behind Microsoft's. Whereas there may be benign data, I believe that to be minuscule. I can understand that a web designer's portfolio or coder's code may be benign, or perhaps a class's teaching material or a company's standard documentation. My difficulty is that with each passing year there are more companies being hacked and security is becoming a big issue. It's all well and good for EN to say you, the user, are responsible, but then they should stop telling you to put everything in it; that in my opinion is irresponsible.

If you are offering a service for people to put everything in then you should jolly well make sure everything is going to be secure. If you cannot do that then there should be a prominent section in the documentation, website and purchase page highlighting what you should not store in EN. EN has a far better handle on security issues than most users. That doesn't absolve them, but places a responsibility on EN to make sure they understand. And not in some policies hidden under piles of other policies.

I would love to see legislation change to make the companies responsible. Banks are responsible for my money. If it gets stolen they are held to account. This is why they have high levels of security. Information, it could be argued, is a lot more valuable than money and perhaps it's time companies like EN treated it as such. If they did, then perhaps their users would too?

By the way, OneNote is in front of EN in terms of security. The ability to protect whole sections is excellent. Also, EN only encrypts text; this is a massive shortcoming. No attachments in EN can be encrypted. OneNote encrypts anything in the section you protect.

Link to comment
  • Level 5*
2 hours ago, why? said:

EN's security seems somewhat behind Microsoft's. Whereas there may be benign data, I believe that to be minuscule. I can understand that a web designer's portfolio or coder's code may be benign, or perhaps a class's teaching material or a company's standard documentation. My difficulty is that with each passing year there are more companies being hacked and security is becoming a big issue. It's all well and good for EN to say you, the user, are responsible, but then they should stop telling you to put everything in it; that in my opinion is irresponsible.

If you are offering a service for people to put everything in then you should jolly well make sure everything is going to be secure. If you cannot do that then there should be a prominent section in the documentation, website and purchase page highlighting what you should not store in EN. EN has a far better handle on security issues than most users. That doesn't absolve them, but places a responsibility on EN to make sure they understand. And not in some policies hidden under piles of other policies.

I would love to see legislation change to make the companies responsible. Banks are responsible for my money. If it gets stolen they are held to account. This is why they have high levels of security. Information, it could be argued, is a lot more valuable than money and perhaps it's time companies like EN treated it as such. If they did, then perhaps their users would too?

By the way, OneNote is in front of EN in terms of security. The ability to protect whole sections is excellent. Also, EN only encrypts text; this is a massive shortcoming. No attachments in EN can be encrypted. OneNote encrypts anything in the section you protect.

i don't know about legislation (users who are interested might want to visit the eff site), but the app is what it is, and i doubt there is much incentive for evernote to spotlight its weak points, so i don't expect that will happen. the security situation is fairly easy to ascertain by googling a bit. 

as for microsoft, i am not convinced yet about how secure its products really are, especially after the snowden leaks revealed its complicity in giving out our data by opening up skype, bypassing encryption, etc. and, of course, they also spied on their own users in the past (hotmail). the news today is that democratic presidential candidates are even avoiding its free software offers because they don't trust it. i mentioned onenote as an option, but i can't recommend it to anyone who is concerned about security. it could just be my ignorance or paranoia, of course...

Link to comment
  • Level 5*
2 hours ago, why? said:

Also, EN only encrypts text; this is a massive shortcoming.

In all this discussion, that's the point that I strongly agree with.
I feel it's my choice/responsibility to encrypt my data, but it bothers me that Evernote only goes halfway on this.
I looked at external products (example Saferoom) but the result is less functional.
Link to comment
4 minutes ago, GrumpyMonkey said:

i don't know about legislation (users who are interested might want to visit the eff site), but the app is what it is, and i doubt there is much incentive for evernote to spotlight its weak points, so i don't expect that will happen. the security situation is fairly easy to ascertain by googling a bit. 

as for microsoft, i am not convinced yet about how secure its products really are, especially after the snowden leaks revealed its complicity in giving out our data by opening up skype, bypassing encryption, etc. and, of course, they also spied on their own users in the past (hotmail). the news today is that democratic presidential candidates are even avoiding its free software offers because they don't trust it. i mentioned onenote as an option, but i can't recommend it to anyone who is concerned about security. it could just be my ignorance or paranoia, of course...

But isn't that a slightly different issue? You're talking about Microsoft being duplicitous. Those accusations could be made against every large conglomerate from Apple to EN. They may well offer encryption that they have a back door to. However, should sensitive work data be stolen in such a manner, I would be absolved for having used reasonable precautions in securing my data. 'Reasonable precautions' does not include duplicitous companies, or no one would be able to store their data anywhere. At face value, OneNote can encrypt an entire section. This data is encrypted on their servers and I have the password. If MS has a backdoor, that cannot be catered for. If MS does have a backdoor then they have been deceptive. Their documentation in OneNote states:

Quote

WARNING   Choose and type your passwords carefully. If you forget your password, no one will be able to unlock your notes for you — not even Microsoft Technical Support. Write down your passwords and keep them in a safe place if you think you may not be able to remember them.

If MS is duplicitous, then I suspect so are the rest. The PRISM programme was connected with all the big companies.

My main concern is with the data on their servers, and in OneNote it appears that it is encrypted with my password, which is needed to access the data. Anyone hacking their servers still needs that password. This in my book is pretty good security. EN only offers this for text, whereas MS offers this for all information in the secured section.

Link to comment
Sorry for the duplicate content, but this is not my doing. There is something seriously wrong with this forum. Constantly getting errors. I submitted once and an error message appeared. I then pressed back and found the post on twice. Cannot seem to delete the duplicate post either.

Link to comment
  • Level 5*

i figure that if data gets out, that's a failure, whatever the reason, though you are correct that i would probably not be exposing myself to risk of litigation or anything like that. it appears from the documentation mentioned that ms is using zero-knowledge encryption, which is great news. however, they do the same thing with the encryption of your hard drive while sending the encryption key to headquarters. bad news. they've got such a spotty record, it is difficult for me to trust them. it would be nice if this was the beginning of a new attitude towards security for ms. 

at any rate, it is pretty clear from evernote's competitors (devonthink, voodoopad, onenote, etc.) that encryption is technically feasible. this suggests that evernote has other reasons for not implementing it at the note or notebook level.

Link to comment
  • Level 5*
3 hours ago, GrumpyMonkey said:

it appears from the documentation mentioned that ms is using zero-knowledge encryption, which is great news. however, they do the same thing with the encryption of your hard drive while sending the encryption key to headquarters. bad news.

Are you referring to Bitlocker? Microsoft has Bitlocker users' encryption keys? That's crazy! 

Link to comment
  • Level 5*
11 hours ago, tavor said:

Are you referring to Bitlocker? Microsoft has Bitlocker users' encryption keys? That's crazy! 

yeah. this is the kind of stuff microsoft does that makes me question their commitment to customer privacy / security.

http://arstechnica.com/information-technology/2015/12/microsoft-may-have-your-encryption-key-heres-how-to-take-it-back/

why they would do such a boneheaded thing is beyond me, but it might have something to do with fears about users losing their own keys or concerns about answering government demands to unlock devices. in contrast, apple gives you the option (in a popup) of sending your data if you want. otherwise, apple says it doesn't know how to unlock your devices, and it doesn't care what is in them, because it is your stuff. nice. if you are going to do encryption, then you ought to do it right like this.

my hope is that evernote will someday follow apple's lead, offer zero-knowledge encryption of notebooks, and just be done with it.

Link to comment
  • Level 5*
7 hours ago, GrumpyMonkey said:

yeah. this is the kind of stuff microsoft does that makes me question their commitment to customer privacy / security.

http://arstechnica.com/information-technology/2015/12/microsoft-may-have-your-encryption-key-heres-how-to-take-it-back/

why they would do such a boneheaded thing is beyond me, but it might have something to do with fears about users losing their own keys or concerns about answering government demands to unlock devices. in contrast, apple gives you the option (in a popup) of sending your data if you want. otherwise, apple says it doesn't know how to unlock your devices, and it doesn't care what is in them, because it is your stuff. nice. if you are going to do encryption, then you ought to do it right like this.

my hope is that evernote will someday follow apple's lead, offer zero-knowledge encryption of notebooks, and just be done with it.

Yeah, between stuff like this and the very limited opt outs of Windows 10's data collection on users, I think I'm done with Microsoft once Windows 7 is obsolete.

Link to comment
  • 3 months later...

Voicing my support.

Just started using Evernote and have received a one year premium membership. It looks very nice in both OSX and iOS.

Had used Onenote for some weeks before and previously Simplenote, which is limited to text.

Would love to see Evernote getting end to end encryption, at least optional, so that I can store all my documents in it. I don't need a webinterface. As it stands I'm not comfortable using Evernote to store all my documents.

Link to comment
  • Level 5*
On May 30, 2016 at 3:47 AM, dangerstranger said:

Voicing my support.

Just started using Evernote and have received a one year premium membership. It looks very nice in both OSX and iOS.

Had used Onenote for some weeks before and previously Simplenote, which is limited to text.

Would love to see Evernote getting end to end encryption, at least optional, so that I can store all my documents in it. I don't need a webinterface. As it stands I'm not comfortable using Evernote to store all my documents.

Welcome to Evernote! It is a great service, in many regards, but security is not one of them, I am afraid. Without encryption, it has now fallen behind Apple Notes (one touch encryption), OneNote (notebook sections), VoodooPad (abandonware that still has better encryption), DEVONthink (encryption / secure wifi sync), and Dropbox (encrypted data at rest, but they have the key, so only for decorative purposes, but at least it is something). I used to say that Evernote had security comparable to that offered by other cloud products, but that cannot be said anymore. 

Evernote has a lot going for it in terms of security, with two-factor encryption and its own servers, but this last step of giving the user complete control over the security of their data has not yet been taken. Perhaps 2016 will be the year? It'd be nice to see.

  • Like 1
Link to comment

I would agree with GrumpyMonkey. EN is way behind in terms of security. For this reason I have now abandoned it, even though I still have a paid subscription. I keep checking back hoping they'll see the light. However, the longer they wait the more people will abandon ship; well, those who care about their data!

Voodoopad 5 is not yet abandonware. An update was released Dec 2015. I'm hoping they'll release a version six soon.

I've been beta testing the new Devonthink Go 2 iOS app and it's fantastic. It securely syncs all your data to iOS. You can use their cloud, but I'm avoiding cloud storage without clear zero-knowledge encryption.

If you're new to EN, then I would encourage you to think clearly about what you're using EN for. It's great for many things, but not personal or sensitive data. If you need secure data then GrumpyMonkey has listed some good alternatives.

Link to comment
  • Level 5*

For Mac and iPad Users:

If you want a PIM (Personal Information Manager) now that supports AES-256 encryption, checkout Yojimbo:

Quote

Industrial Strength Encryption

Yojimbo helps you protect the privacy of your sensitive information, by providing easy to use encryption. This encryption is used automatically for Password items, and you may also choose to use it (on a per-item basis) for Notes, Images, PDFs, and Web Archives.

Yojimbo uses the Advanced Encryption Standard (US FIPS PUB 197) algorithm, with a 256-bit key (AES-256).

According to the Committee on National Security Systems :

The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths. The implementation of AES in products intended to protect national security systems and/or information must be reviewed and certified by NSA prior to their acquisition and use.

Download the complete report here.

You can encrypt any item other than a Bookmark or Serial Number with a single click on the Encrypt button. (Yojimbo encrypts Passwords by default.)

I am evaluating Yojimbo now.

Link to comment
  • Level 5*

Yojimbo is pretty cool. And, I am a huge fan of BareBones -- longtime user of BBEdit. However, I think DEVONthink is going to be the superior solution if you are looking for encryption on both OSX and iOS, because Yojimbo on iOS (last I checked) is read-only, so it is of limited value. It's nothing to sneeze at -- syncing effortlessly and securely on your home network instead of the cloud is a big deal. But, DEVONthink already does that, plus a lot more. I like both apps for different reasons, and I am glad they are both around -- hopefully Evernote will join the growing ranks of apps (many of their competitors) that support encryption.

VoodooPad's last update, if I recall correctly, was a fix to broken encryption. It may have involved a herculean effort on the back end, but the consumer experience remains unchanged, iOS remains stuck years in the past, and the Dropbox syncing is rather fickle -- last I used it I lost data. I don't think a maintenance update every year or two really counts as active support (take a look at the forums for a sense of how much talking is going on about it). I think it is abandonware, I am afraid, but I hope Plausible Labs proves me wrong. Still, it does kind of work, especially if you are just on OSX, and it still does a lot of stuff better than anyone else. I will note that DEVONthink has similar (better, in my opinion) linking capabilities.

DEVONthink To Go (the iOS version) is amazing, and it is great to see it nearing release to the general public. I think Evernote has a pretty strong lock on a huge swath of this market, and I doubt they are quaking in their Birkenstocks, but it would be very, very difficult to say that they are the industry leader anymore, certainly not in terms of security. I really think they dropped the ball (many years ago) on this, but it is still there, waiting to be picked up again if they are willing to make a real commitment to securing customer data.

Link to comment
  • 3 years later...

Hi all, what if all sensitive information (like credit cards, passwords, passports, payslips, taxes, codes etc etc etc) is stored in an excel file - password protect the excel file and then place this excel file into a note. Wouldn't that be much safer??

I am not a security expert and I have no idea about the effectiveness of excel protection but I guess that Microsoft uses advanced algorithms in their passwords and security issues.

Link to comment
  • Level 5*
19 hours ago, Markaseos said:

stored in an excel file - password protect the excel file and then place this excel file into a note. Wouldn't that be much safer??

Yes much safer, I use encrypted attachments to add security for my sensitive data; PDFs, Office/iWork documents,...
Keep in mind, this also excludes the data from being indexed for searching

  • Thanks 1
Link to comment
  • Level 5*
19 hours ago, Markaseos said:

I am not a security expert and I have no idea about the effectiveness of excel protection but I guess that Microsoft uses advanced algorithms in their passwords and security issues.

And none of us here are qualified security expert professionals.  I would NOT guess, nor accept the opinions of anyone here without first doing your own research to either find the expert opinion of security professionals about Excel security (or any other file type), or to directly ask the security pro.

I used to think that PDF files using 256-AES encryption were very secure.  Looks like that may not be true.

From https://nakedsecurity.sophos.com/2019/10/03/pdf-encryption-standard-weaknesses-uncovered/

Quote

What does this mean?
As with other formats that share some of the PDF’s security characteristics (XML, S/MIME, and ePub for instance), there is clearly some work to do in terms of AES-CBC’s integrity protection.

This must be fixed in future PDF specifications and any other format encryption standard, without enabling backward compatibility that would re-enable CBC gadgets.

Thanks to the widespread use of TLS encryption, it would be difficult for attackers to intercept and modify PDFs as they move across a network or the internet, whether the documents themselves are encrypted or not. However, PDFs at rest have been shown to be vulnerable.

If you think it’s worth encrypting your PDFs and you want to be sure they haven’t been tampered with, use a respected third party encryption tool, like GPG.

Good luck to all.  May all your data be safe and secure.

Link to comment
  • Level 5

We should IMHO separate between security and trust.

Security is the technical side. EN runs on servers hosted by Google, probably among the safest places in the world to put data. They do not store it as files in the traditional way. Everything is broken up in bits and pieces, and only the server software can put it back together. It does so when an authorized access happens. This can be the user, or algorithms operated by EN to OCR things and make data accessible. The user side one can influence oneself, by using good passwords, 2FA and observing some rules when on public WiFi (like switching your VPN on). And yes, from my understanding EN is by its structure safe from ransomware attacks. If the local database gets brute-force encrypted, it cannot sync any longer.

The other aspect is trust. This everybody has to evaluate himself. I had the additional issue that I can not store data related to my business in a cloud service without signing a data processing agreement with the service provider. EN did it, which adds a layer of trust for my clients. I think EN is running an understandable business model that is based on mutual trust, and a reasonable payment. They do not trade with their customers data, like others do. I would not trust a service that claims to come for „free“ - because there is nothing as a free lunch, day by day.

Conclusion: Personally I store all usual day to day stuff in my EN account, as I would do on a local drive or on paper in a folder. Among these are banking documents, tax issues, professional documents, all this. I think it is safe there, and I trust EN to handle it properly. The few things I do not store in EN is everything related to IT security like passwords, private keys for encryption etc. For these I use a good password manager.

Link to comment
  • Level 5*
33 minutes ago, PinkElephant said:

For these I use a good password manager.

Where it's "safer" due to encryption?

Link to comment
  • Level 5

Yes - because it is completely encrypted, not as in EN just a text snippet or an attachment.

Furthermore it integrates itself with most browsers. This means that the passwords are not copied by a normal clipboard process (from where they might get compromised), but channeled through the PW manager's integration as a plugin. It does not only store logins, but other types of valuable data as well. It is built for that purpose - EN is not.

Link to comment
  • Level 5*
4 hours ago, PinkElephant said:

Among these are banking documents, tax issues, professional documents

I guess I draw the trust line here, not so much with EN but with the web world in general. The above I store in a local notebook with my own daily backup process.  Horses for courses.

Link to comment
  • Level 5*
29 minutes ago, CalS said:

The above I store in a local notebook with my own daily backup process.

Yup. Me too. No question about Evernote's security, or how terminally boring my bank details would be to anyone else... but the account numbers and some other information are potentially stealable. "Better safe" is the general theory.

Link to comment
  • Level 5

It is an old conflict:  Effort vs. gain, sweat vs. grain, risk vs. opportunity etc..

Typically these functions have a wide area of comfort in the middle, with steep inclines at the sides. In security terms we are all pretty safe in the middle of the valley. When we start to climb to the „security peak“, things start to get laborious: local encryption, own backup etc. When we idle to the „comfort hills“, we find that beneath the lush green there are treacherous rocks: stolen passwords, lost information, identity theft.

Personally I think if one gets targeted by pros that want to mine specific information, you can make it hard, but there will be a soft spot. But these guys do not occupy themselves with such little game, there is not enough to win for the effort. So I try to stay safe from the script kiddie down the road, who just wants to find out. And from those who live from spamming many, to scare some, to scalp a few.

With only an account number there is not much one can do (that can't be undone), and that I pay my taxes should not be a big surprise either.  I am not advertising these sorts of documents, but they need to be stacked someplace. It is easier to keep one place locked up, than sticking a nut under each rock. Just ask the squirrels 🐿

  • Like 1
Link to comment
  • Level 5*
3 minutes ago, PinkElephant said:

things start to get laborious: Local encryption, own backup

This is where Backupery helps out.  Automagic backups every night at 1 AM.  So not too laborious.  Yup, everyone has to pick their elevation in the valley.

Link to comment
  • Level 5*
10 hours ago, PinkElephant said:

EN runs on servers hosted by Google, probably among the safest places in the world to put data.

Maybe, but I don't know that for a fact, and I have not seen any third party reports on the security of Google provided storage.

10 hours ago, PinkElephant said:

I think EN is running an understandable business model that is based on mutual trust, and a reasonable payment. They do not trade with their customers data, like others do. I would not trust a service that claims to come for „free“ - because there is nothing as a free lunch, day by day.

I can learn to trust a person, an individual, but not so much so with companies.  While you may like the current CEO and technical staff, that can change, and does change, in a heartbeat.  Evernote has now been through at least 4 CEOs, and a complete turnover in their technical staff.  The venture capital companies that own most of the private stock in Evernote could decide tomorrow to radically change the focus and staff of Evernote, focusing more on ROI than on customer security.

IAC, most computer break-ins are facilitated by an insider with the necessary access.  So while the company, the investors, and the users may all think the company has great security from being hacked, that can all be undone in a moment by an insider.

Bottom line:  I don't put anything in the Evernote Cloud that could harm me if read by someone else.  And just to "keep the honest people honest", I have been using AES-256 encryption to further protect sensitive documents.  I've just learned that may not be good enough, and so now I'm switching to GPG.

For my highly sensitive documents, I just keep them on my local drive, encrypted with GPG if necessary.  I don't bother with Evernote Local Notebooks because they offer no advantage to me.  The Mac Spotlight search tool is excellent, I would say even better than Evernote Search.  I can store my sensitive docs in well organized folders, with Finder tags as needed, and Spotlight easily finds them.  The Mac also offers a "FileVault" which encrypts everything.

Finally, just like a company insider can do the most damage, the same is true for our households.  It is sad that the police report that most violence to a family member is done by other family members.  So that means you must also keep your Mac or PC secure from others in your home, even your spouse/significant-other.  At a minimum, that means that, if you share a computer, each person has a separate login, and each user account is properly secured from other users.

Just my 2¢.  YMMV.  Good luck to all, and may all your stuff be secure.

Link to comment
  • Level 5*
On 5/3/2020 at 4:06 PM, JMichaelTX said:

For my highly sensitive documents, I just keep them on my local drive, encrypted with GPG if necessary.

That's valid; I would include a link in an Evernote note

>>I can store my sensitive docs in well organized folders

Nope, I'm done with folder filing methodology

>>with Finder tags as needed

I'm considering exporting my Evernote tags to Finder tags   
The scripting is getting complex

edit;

>>It is really not up to you to say what is valid or not valid for me.

ok, I'll say what's valid for myself

>>I have no idea what "nope" means in this context

Nope means I'm done with folder filing methodology

Link to comment
  • Level 5*
3 hours ago, DTLow said:

That's valid; I would include a link in an Evernote note

It is really not up to you to say what is valid or not valid for me.

3 hours ago, DTLow said:

Nope, I'm done with folder filing methodology

I have no idea what "nope" means in this context.  I did not ask you for anything.  If you prefer not to use Mac folders, that's fine.  I find them very useful.

Link to comment

It has been interesting to read this thread dating back to 2014. I don't think agreement is going to be reached on what is safe. I do think there's much scaremongering going on. I read the "PDF encryption security may not be safe" article, but it requires a particular set of circumstances and is just not realistic. Having said that, if someone is determined to get your specific data nothing will stop that; even hiding it in a file in a safe in your house is not secure. I tend to live with the general idea that I'm not being specifically targeted. If I were a journalist, I would most likely have a computer not connected to any network. My passwords live in a password manager as does other needed sensitive data. My HDD is encrypted and Apple do not have the keys. Most other info goes into EN. I see no point in having many different repositories. I use a specific naming convention so that folders in the main are not required. I've used GPG and it's a pain in the butt. Not only to encrypt but to manage keys and keep them up-to-date and know what was encrypted with which keys. EN encryption is pants and so I don't use it. I also don't encrypt and store in EN. No point in having non-searchable data in a searchable repository. I could create a specific notebook and place all encrypted notes in that notebook, but if I used GPG, decrypting on other devices would also be one major headache. If it needs that much security, then it shouldn't be online.

In the end you have to live with your own level of paranoia and act accordingly 😁

Link to comment
  • Level 5*
5 hours ago, why? said:

I do think there's much scaremongering going on. I read the "PDF encryption security may not be safe" article, but it requires a particular set of circumstances and is just not realistic.

It is NOT "scaremongering".  It is a review of the issues with PDF 256-AES.  There are other reviews that have found similar issues.  Each person can decide if it is an issue for their needs.

I have found GPG easy to use, using the GPGTools suite.  Very simple:

  • Right-click on a file in the Finder, and select "encrypt", and it creates encrypted file with "gpg" extension.
  • Double-click on an encrypted file with extension "gpg" and it decrypts.

No paranoia here.  Just good, common sense, taking the proper security precautions where I need to.

Link to comment
3 minutes ago, JMichaelTX said:

It is NOT "scaremongering".  It is a review of the issues with PDF 256-AES.  There are other reviews that have found similar issues.  Each person can decide if it is an issue for their needs.

This is not a blanket review of PDF 256-AES per se. Apart from the fact that the attacker first needs to get a copy of your PDF from EN, which is a tough enough task, the first attack is only applicable "for partially encrypted documents that include a mix of both encrypted and unencrypted sections, and does not include integrity checking."

The second method is more complex: "…an attacker can stealthily modify encrypted strings or streams in a PDF file without knowing the corresponding password or decryption key. In most cases, this will not result in meaningful output, but if the attacker, in addition, knows parts of the plaintext, they can easily modify the ciphertext in a way that after the decryption a meaningful plaintext output appears." Even the researchers themselves say that this would be extremely difficult.

These really are not a security issue for the vast majority of the populace. If someone has the know-how and specifically targets you then there are other options for stealing your data. This is scaremongering because a blanket statement that PDF encryption is not good enough will stop people from using it when in reality they are talking about fringe cases created in a laboratory with high-end tech and staff. Hardly something that will hit mainstream hacking. And chances are the loopholes will be closed well before it ever really poses a threat to anyone.

This is the problem with the internet and it does depend on your level of paranoia. You could argue that good old common sense says you may be hit with bird ***** as you go about your daily work and therefore sporting an umbrella at all times is the only sensible thing to do. As has been mentioned in this thread, it's not just about what is possible, but what is probable. Is it possible that someone could hack your PDF? Yes. Is it probable? No. Is it possible that all your hard disks expire at the same time? Yes. Is it probable? No.
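Both the article quoted earlier in the thread (the "CBC gadgets" passage) and the sentence quoted in this post describe the same property: AES-CBC hides content but does not authenticate it, so a change to one ciphertext or IV byte changes the matching plaintext byte and nothing in the decryption path objects, which is why the article ends by recommending a tool that adds integrity protection. The Go program below is an added illustration, not code from the article, from Evernote or from anyone in this thread; the key, IV, nonce and the sample message are constructed demo values. It encrypts a short message with plain AES-CBC, edits one IV byte and shows the decrypted text silently changing, then makes the same kind of edit to an AES-GCM ciphertext and shows the decryption being refused.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"errors"
	"fmt"
)

// Constructed demo values: a 32-byte AES-256 key, a 16-byte CBC IV and a
// 12-byte GCM nonce. They are fixed only so the output is reproducible; real
// code derives the key from a passphrase with a KDF and draws a fresh IV or
// nonce from crypto/rand for every message.
var (
	demoKey   = []byte("0123456789abcdef0123456789abcdef")
	demoIV    = []byte("fixed-iv-for-dem")
	demoNonce = []byte("demo-nonce12")
)

func mustBlock(key []byte) cipher.Block {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	return block
}

// pkcs7Pad and pkcs7Unpad supply the block padding that CBC mode requires.
func pkcs7Pad(b []byte) []byte {
	n := aes.BlockSize - len(b)%aes.BlockSize
	return append(b, bytes.Repeat([]byte{byte(n)}, n)...)
}

func pkcs7Unpad(b []byte) ([]byte, error) {
	if len(b) == 0 || len(b)%aes.BlockSize != 0 {
		return nil, errors.New("ciphertext is not a whole number of blocks")
	}
	n := int(b[len(b)-1])
	if n == 0 || n > aes.BlockSize || n > len(b) {
		return nil, errors.New("bad padding")
	}
	return b[:len(b)-n], nil
}

// cbcEncrypt / cbcDecrypt are AES-CBC with no integrity check, the mode the
// article faults: nothing here can tell a genuine ciphertext from an edited one.
func cbcEncrypt(key, iv, plaintext []byte) []byte {
	padded := pkcs7Pad(append([]byte{}, plaintext...))
	out := make([]byte, len(padded))
	cipher.NewCBCEncrypter(mustBlock(key), iv).CryptBlocks(out, padded)
	return out
}

func cbcDecrypt(key, iv, ciphertext []byte) ([]byte, error) {
	out := make([]byte, len(ciphertext))
	cipher.NewCBCDecrypter(mustBlock(key), iv).CryptBlocks(out, ciphertext)
	return pkcs7Unpad(out)
}

// gcmSeal / gcmOpen use AES-GCM, an authenticated mode: the tag appended to
// the ciphertext covers every byte, so Open rejects any modification.
func gcmSeal(key, nonce, plaintext []byte) []byte {
	aead, err := cipher.NewGCM(mustBlock(key))
	if err != nil {
		panic(err)
	}
	return aead.Seal(nil, nonce, plaintext, nil)
}

func gcmOpen(key, nonce, sealed []byte) ([]byte, error) {
	aead, err := cipher.NewGCM(mustBlock(key))
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, nonce, sealed, nil)
}

// Demo applies a one-byte edit under both schemes. It returns the text that
// plain CBC hands back (silently altered) and the error that GCM raises.
func Demo() (string, error) {
	msg := []byte("PAY  $100.00 to Alice") // constructed sample plaintext

	// CBC: the first plaintext block is AES-decrypt(C0) XOR IV, so XORing a
	// byte of the IV XORs the same byte of the recovered plaintext. '1'
	// becomes '9' and no error is raised; encryption alone is not tamper-proof.
	ct := cbcEncrypt(demoKey, demoIV, msg)
	editedIV := append([]byte{}, demoIV...)
	editedIV[6] ^= '1' ^ '9'
	altered, err := cbcDecrypt(demoKey, editedIV, ct)
	if err != nil {
		return "", err
	}

	// GCM: an edit to the ciphertext fails authentication, so Open returns
	// only an error and a reader never sees forged text.
	sealed := gcmSeal(demoKey, demoNonce, msg)
	sealed[6] ^= 0x08
	_, gcmErr := gcmOpen(demoKey, demoNonce, sealed)

	return string(altered), gcmErr
}

func main() {
	altered, gcmErr := Demo()
	fmt.Printf("AES-CBC, one IV byte edited:         %q\n", altered)
	fmt.Printf("AES-GCM, one ciphertext byte edited: %v\n", gcmErr)
}
```

Run it with `go run`; the CBC line prints the message with the amount changed and no error, while the GCM line prints an authentication failure. That difference is the whole point of the article's advice: a format that only encrypts needs a separate integrity check, which is what an authenticated mode (or, in GPG's OpenPGP format, the modification detection code) provides.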

Link to comment
  • Level 5*
1 hour ago, why? said:

These really are not a security issue for the vast majority of the populace.

Who are you to make that judgement?  You have a forum username of "why?", and I don't recognize you as having any authority or expertise about internet security.   So you can continue to pontificate all you want.  I'll not waste any more of my time responding to you.  Anyone that listens to you does so at their peril.

Link to comment
6 minutes ago, JMichaelTX said:

Who are you to make that judgement?  You have a forum username of "why?", and I don't recognize you as having any authority or expertise about internet security.   So you can continue to pontificate all you want.  I'll not waste any more of my time responding to you.  Anyone that listens to you does so at their peril.

I'm not; the researchers in the article are. They clearly outline the extent to which encrypted PDFs are at risk. They also highlight the criteria putting PDFs with encryption at risk. They also clearly talk about the complexity and difficulty of exploiting such PDFs.

Link to comment
  • Level 5*

There seems to be a lot of misinformation in this thread.  I am NOT a security expert, that's why I do a lot of research to find reviews by those that are security experts and professionals.

So, to clarify this review, PDF encryption standard weaknesses uncovered  , that I cited earlier, please note their final recommendation:

Quote

If you think it’s worth encrypting your PDFs and you want to be sure they haven’t been tampered with, use a respected third party encryption tool, like GPG.

Also, you may want to read this article from NASA:

Using GPG to Encrypt Your Data -- NASA 

Link to comment

I use Evernote's select-text-to-encrypt and local notebooks. If Evernote offered the ability to just as easily, and securely, encrypt notes and notebooks (allowing you to attach PDFs, which currently you can't do with select-text-to-encrypt), I'd put things like my tax records and scans of IDs in Evernote. I'd also be willing to pay a bit more for the functionality. That's just me though; I do pay separately for an ID theft monitoring service.

Link to comment
  • Level 5*
44 minutes ago, Moo Cow said:

allowing you to attach PDFs, which currently you can't do with select-text-to-encrypt

Hi. Subject to the comments above about the security of encryption generally, why not just encrypt the PDFs you want to attach to a note?

Link to comment
  • Level 5*
1 hour ago, Moo Cow said:

(allowing you to attach PDFs, which currently you can't do with select-text-to-encrypt), I'd put things like my tax records and scans of IDs in Evernote

As per @gazumped, we can both attach encrypted PDFs and "select-text-to-encrypt"   
I use an automator script (Mac) to encrypt the PDFs; right-click and encrypt

Link to comment
  • 1 year later...
On 04.10.2014 at 17:11, ArvindKanda said:

I am a new user slowly getting hooked on to Evernote.  I have been reading about the concerns related to storing secured information on Evernote cloud. I guess the general recommendation is that if you consider some information should be secured, just do not store it in Evernote. Now my question is what documents should be considered secure.


1. Storing passwords in evernote or any cloud service is a terrible idea. I get this.

2. Bank statements - some have said that the account no in bank statements is secure information. Can someone explain why this is secure information? what happens when some hacker gets access to it?

3. Tax returns - Can this be kept in evernote?  This contains soc sec no etc. Personal tax advisor near me yourbooksontime.com/tax-advisors  from company Yur Books On Time. What do you all do? What kind of information that you DO NOT keep in evernote?  Where do you store such information? (e.g another cloud service that supports encryption on storage)? How do you integrate that cloud service with your Evernote workflow?

How did you solve the issue?
Link to comment
  • Level 5*
51 minutes ago, eric99 said:

I store my sensitive data in encrypted pdf.

Native encryption is also supported with Office/iWork documents

Link to comment
  • Level 5*
8 hours ago, Taxio said:

How did you solve the issue?

When Local notebooks were removed with V10 I started moving/putting sensitive documents on OneDrive using BoxCryptor to encrypt the data on the fly.  Would work the same for any cloud service. 

I have the benefit of local search of title and contents on my PC(s) and web search of title (mobile devices).  Visibility of contents on all platforms with BoxCryptor installed.  Sort of works the same as EN, document list on the left, document contents on the right, search at the top.  It is lightning fast as well.  FWIW.

Link to comment