Jump to content

ariver

Level 1
  • Content Count

    6
  • Joined

  • Last visited

Community Reputation

2 Neutral

About ariver

  1. Ok. Got to talk to a very nice Evernote developer. For primary Evernote functionality, the app should only need to contact Evernote domains, Google Analytics, and Mapbox Tiles. (I leave GA allowed because I want Evernote to get usage data in order to improve the app/service.) (I only allow mapbox when connected to a trusted network, but I don't use Atlas much, so I could just block it.) Any connection attempts outside of that are to fill the gaps in captured pages where resources could not be stored in the note. allow domain evernote.com 443 allow ssl-google-analytics.l.google.com 443 deny c.tiles.mapbox.com 80 deny any 443 deny any 80
  2. I was hoping to make the information available to the many other users of EN that would like to properly exercise more control over their network usage. My understanding was that EN employees also contribute to the forums.
  3. Hello, I noticed that the EN App on OS X (El Capitan) tries to access resources related to notes I'm opening. I tried to search for this issue, and it seems to have been brought up a number of times. (I'm yet-another-little-snitch-user.) Here's the most relevant I found: (And, yes, I'm aware of the implications of EN app using webkit. {are you still?}) My question is, what resources are needed by EN for functionality. I want explicitly allow what is needed and block all other access. For this, I have the following reasons. These requests are often not secure and also divulge information about the contents of my notes to whatever network I'm on. I shouldn't have to disable networking on my device to feel safe opening a note that is supposedly fully synced for offline use. These resource requests use bandwidth I may not realize I have to allocate towards EN use. I want to know what I have actually been able to capture as a note. In the past, I thought oddities in clipped pages were just lack of javascript or some other funkiness. It should be left up to me, the user, to determine if it's ok to clip the contents of a page. Now I have to add another step to each important clip I make; opening the note to make sure it captured what I intended. As a note, I am currently allowing/blocking requests from EN on OSX in this manner: allow domain evernote.com 443 allow ssl-google-analytics.l.google.com 443 deny c.tiles.mapbox.com 80 deny any 443 deny any 80 #deny any any # Not yet I don't have a problem with your use of G:analytics to analyze app usage, though I'm not confident you're only allowing it for your own app. Also, I don't see any reason for you to be using unencrypted access to (c.tiles.mapbox.com). They have a secure endpoint also. Thanks for your time and a great product and service! -- Aaron --
×
×
  • Create New...