Thanks for the quick reply guys. I really appreciate it. I had always stupidly assumed the data was locked in a container until you logged into the app. 🤦♂️ I currently follow all the great information/tips from all your comments as well, and I suggest that anyone in the future that happens upon this post do the same.. A quick story about an unlikely encounter I had recently with a group of talented hackers. If your interested read on.
I travel often and usually setup several of my own dedicated mobile hotspots in hotels, from different carriers so my devices aren't using the same network, and I have more cell coverage options. Public wifi for me is unfortunately always a no-go, even with a good VPN. Last year, while staying in a hotel, with many other hotels in close proximity, I was having a connection issue. I decided to troubleshoot by running Wireshark, a very thorough packet capturing application for those of you maybe not familiar with it. When I was going through the data I noticed that luckily, and unfortunately, I happen to catch a group of hackers silently attacking everyone in the hotel. These guys were smooth and dead silent. I believe that because I was applying some fairly high security measures, for a hotel guest anyway, they decided to take a closer look into my devices..which were all locked down pretty solidly...so I thought.
Just in case you are interested...I was using creditable VPN's while on my own networks, use strong password techniques, use a password manager, of course have file vault turned on, use the strictest of firewall settings, normally use virtual machines to browse the web, and try my best to follow basic security measures (scanning links before clicking anything, checking the websites for https, clearing cached data, and such). I even log out of icloud on my devices when doing work in hotels. Since I was staying in a nice hotel, and not working with any overly sensitive data, I didn't think it necessary to use any hardened operating systems like Tails or Whonix.
I did happen to grab some of their chats out of the air with Wireshark, and judging by the conversations between them I could tell they were EXTREMELY well educated and very organized. When they became aware I had captured data about their attack they started targeting me with a vengeance. Later I realized they just wanted to see what all I knew, and erase their tracks. Thankfully they didn't have intentions to cause any damage...besides trying to erase my laptop through my iCloud which they accessed. I barely escaped that mess. But during the attack I was scared to death. I couldn't use any device without them moving laterally through it. I didn't know their intentions, and I didn't want to pass them on to any of my personal or business contacts. They even changed the wifi and bluetooth icons on my Macs GUI to just appear off when I tried to toggle them off. The computer also only appeared to power off when I shut it down. Luckily I could fumble around at the command prompt enough to shut settings off there, and later follow pieces of the damage. I spent the next two days with not a single electrical device, not even a cell phone. I felt I made a wrong turn and ended up in a Tom Cruz spy movie. The story gets a little more wild but the point of all this is now I know why my evernote info seemed to be the most exposed. I had originally thought that maybe they just stole an active browser cookie and then downloaded the info that way. Anyway, if you have read this far thanks for letting me share. Most people I work with roll their eyes when I mention anything at all about the security of a project we are working on. I do use encrypted folders on my Mac for sensitive data, but I guess I'll just have to be more cautious about what I store in evernote. I can almost guarantee not a soul in that hotel knew their devices were exposed. Love evernote...wish it had more security features. But as my grandma use to say..."wish in one hand and ***** in the other." Be careful out there! ...and thanks again.
