Jump to content


Level 1
  • Content Count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About DGargan

  1. After digging a little deeper, it appears that there are two commonly offered reasons as to why there are not many encryption features built into EN. One is that it's difficult to index data when it's encrypted, and the other is that EN is focusing their efforts into developing ways to store/access/index data, not in ways to protect the data. I'm in IT - I get the part about it being hard to index data that is encrypted. (Referring to the data residing in the cloud on the EN servers) On my desktop though, there should be an encrypted container that gets opened when I log into EN, and then locally the EN application has access to all of my notes and data. Other applications/users that are able to access my drive space should just see an encrypted container that they can't do anything with. I see folks using TrueCrypt, or native OS tools, to create an encrypted container/filesystem, and then having EN store your data in that newly encrypted filesystem. That is going to help users that are concerned about their laptop being lost or stolen. That paradigm doesn't help me in this case, because once TrueCrypt opens and mounts the encrypted filesystem, it becomes simply another freely available directory to the operating system. When my work laptop decides to do it's backup to the network, it's going to copy that directory too, and voila - my data/notes are now stored in plain text on the network drive. I also like the idea of having selective sync, and the ability to choose if you want to keep a local copy or not.
  2. I was just poking around yesterday (on my mac) and happened to find all my notes in clear text in files under $HOME/Library/Application Support/Evernote/data - and I was appalled. I came here to the forums to look around to see what others have found out. I did look and find the option to encrypt specific text within a single note, and I have tested that and it appears to work, albeit it's a little kludgey. Now I have to go through all of my notes looking for data that I want to encrypt and do them each individually - definitely not an ideal situation. What is the difficulty involved in having the local Evernote client simply encrypt all of the data, much like keepass or truecrypt does? The client could use your account credentials to open up the encrypted container, or even if it asked for a second password to gain access to the encrypted data, I could live with that. On our network, all of our laptops are backed up to the network, and then eventually backed up to tape - so anyone with privileged access to the network has access to everyone's Evernote notes, if they know where to look.
  • Create New...