Jump to content

User5678

Level 1
  • Content Count

    2
  • Joined

  • Last visited

Community Reputation

0 Neutral

About User5678

  1. Here's another request, ladies and gentlemen. It really amazes me when people claiming to be tech-savvy and intelligent take such an ostrich-head-in-the-sand position. Let me sum it up for them so-called "Evangelists" (what a pretentious name, BTW, with all due respect; someone in Marketing deserves a bonus for making Evernote look like a religion!): 1. Evernote is pretty secure, although the data is unencrypted. 2. Despite this claimed security, storing sensitive info on Evernote is counter-indicated, and we ourselves use additional security for sensitive data. 3. However, users are themselves responsible for their usage of Evernote, so we will not advise them of lack of server-side encryption - this might result in small revenues! 4. We will, however, continue advertizing Evernote as a place for any and all information our users have. 5. Adding note\notebook\DB encryption is such a hassle, there are export limitations, and who cares that Dropbox et al have managed to somehow solve this problem! Better spend the income on pay raises than security for our customers. 6. If your data gets stolen, it will most likely get stolen by a person having access to your device, rendering Evernote DB encryption pointless. 7. Anybody who is claiming that the above is not a sane position is an "Evangelist-basher" (another priceless term here). Now, it's all pretty self-evident, so I won't dwell upon it. I'd only like to comment on (6) above: having time-limited viewing capability of secured notes\notebooks would very much reduce the risk of compromising sensitive information almost to zero. I.e. the user enters the password to see the note, which stays visible in its unencrypted form only until the user-specified countdown has been reached, or the user switches to another note\notebook, or the device enters sleep mode; to view the note\notebook again, user will have to re-enter the password. This may be used as an additional (optional) security measure, separate and independent from the complete server-side DB encryption. Lack of notebook\note encryption (as opposed to implemented note-text encryption) is a serious drawback. Right now, that means that I will continue storing my truly sensitive data on a DropBox drive in a BoxCryptor container, and less sensitive data on DropBox. This is far more convenient than encrypting every separate PDF file and archiving all inherently non-encryptable formats into password-protected zips\rars. Thus, I will not be needing a paid Evernote account, now ain't that a daisy? The way I see it, there are several possibilities for this situation to develop: 1. Due to the small numbers of security-conscious people, things stay as they are. People who don't want to encrypt files individually keep using dropbox, boxcryptor, TC. Other people store everything in Evernote. Nothing bad happens, everyone is happy. 2. Same as above, but one day, Evernote-stored data is compromised, and "Evangelists" have to tell all the users "it was your own fault, we have no responsibility over what you do with the tools we provide". Users do not like that, even if judges might agree. 3. As more and more people learn to appreciate the ease of use Evernote offers in accessing fragmented data, more tech-savvy, security-conscious people confront the limitation and request this feature. Under the pressure, Evernote devteam\management includes this functionality in the next century.
×
×
  • Create New...