engberg

Hi, JaneDoes - Our client applications (e.g. Evernote for iPhone, Evernote for Mac, etc.) are written so they are capable of being used against either the evernote.com service or the yinxiang.com service. Once you're signed in to evernote.com, the application "knows" that you're an Evernote user and should never communicate to the yinxiang.com service. Before you log in (e.g. on a new install), the software reaches out to get some basic configuration information about the different services. This just sends the service a request that says something like "My preferred language is US English". The client gets information about the service, including the correct URL to open Support tickets for that service, whether Twitter posting is enabled, etc.: https://dev.evernote.com/doc/reference/UserStore.html#Fn_UserStore_getBootstrapInfo So that doesn't send any personal identifying information or data, it just retrieves the canned configuration information for the service in question based solely on your OS language preference. Under normal circumstances, most clients will just get all of this information from servers on evernote.com unless your OS language is set to "Simplified Chinese". But if your client can't get information about the yinxiang service from evernote.com for some reason, it may go directly to the source to ask about the configuration settings for the China service. You happened to hit this on Thursday morning, when you launched the Mac client (with no account signed in yet) at the same time we were having a 30-minute service interruption (see http://status.evernote.com/). So your client tried to learn about both services from evernote.com, the servers were unable to reply and the client decided to do a one-time lookup for the yinxiang.com configuration information by asking yinxiang.com servers directly. Now that you've signed in to the client, you should see that the Evernote application never tries to connect to yinxiang.com again. (I've been running Little Snitch on my MacBook for at least a year, and have never seen it.) One thing to note about Evernote and Little Snitch ... most of the time, our application only talks to our own servers. But web clips can sometimes throw that off if you manage to clip a web page that includes a reference to the original image on a remote web server instead of copying and storing the image inside your Evernote account itself. In this case, you may see your client go make a network request to that remote web server to retrieve the image when you view the note. We try to avoid this in our own software by fetching and storing the images at the time of the clipping, but that can occasionally go awry if we don't have permissions to download the image at the time of the clip, or if the HTML snippet is inserted into a note from a third-party application that doesn't do the right gyrations. Thanks, Dave

My pleasure! There's a bit too much on this thread to try to wade in point-by-point on page 9, but I want to make sure everyone knows that we do hear your concerns and take them seriously. While we have a great team who works hard to balance the needs of our 100+ million users, we obviously screw up from time to time and introduce bugs or make UI changes that make some tasks harder (while trying to improve others). We'll keep working to get things right, and the feedback from the forum and from Support tickets is a huge part of that. But we do feel that our top responsibility is to be the best custodians of your life's work. Above all else, we want to make sure your data is protected. Hopefully, this will let you trust us to keep managing the things you write and collect. But we also feel extremely strongly that it's your right to take your information elsewhere if we should ever lose your trust: http://blog.evernote.com/blog/2014/06/03/evernotes-three-laws-data-protection-update/ Thanks

Illustrious - I spent a couple of hours researching your ticket yesterday and this morning to help Terry answer your questions. We take allegations of security risks extremely seriously. While I understand your frustrations, I'm positive that Evernote did not disclose anything from or add anything to your account without your consent (or the consent of someone logged into your account using the web browser on your computer). In both of the cases you mention in June, someone on your computer chose to authorize those third party web services to create notes within your Evernote account. Shortly after each of these authorizations, those services took non-Evernote data and used it to create notes and notebooks in your account. None of your notes were accessed by those services, and none of the data they put into your account came from other Evernote accounts. I say that this came from your own computer because I went through our logs to confirm that the same IP address had been used in surrounding days to access your account from your client, web clipper, and web browser. And the web browsers used in surrounding days was identical (in "User-Agent") to the one that authorized Springpad import to Evernote. Since you deleted the notes that Springpad imported from your account, and since their service is no longer available, I can't rule out the possibility that they pushed notes from the wrong Springpad account into Evernote after your browser granted them access. But it's also possible that the content came from the right authenticated Springpad account. (We heard no other reports of incorrect behavior from any of the people who did the same import.) However, I absolutely agree with your general recommendation that Evernote users should choose carefully which third-party applications they permit to access to their Evernote accounts, just like you should choose carefully what applications should have permission to read your email or access your banking web site. We try to help with this decision by enumerating exactly which capabilities you're granting each application. I.e. some applications have permissions to read your notes, others do not. We encourage developers to request only the permissions they absolutely need, and we've added some safety features (e.g. "Note History") to protect against accidental note damage from third party applications. And we will, of course, terminate the access of any applications that are actually mishandling the data of the Evernote users who have granted them access.

You can apply existing tags (i.e. tags that the owner has already applied to at least one note in that notebook). If you want to make a big pool of tags available to your "guests", then just use that tag on one or more notes.

What web browser and version are you using?

From the desktop clients, you can also Paste without Formatting to remove all styles and use text-only contents of the clipboard.

Thanks for the suggestion. Things like this are a little more complicated in Evernote because we store note data in a form of HTML that is then "rendered" for viewing separately on every platform: web (4 different browsers), mac, windows, iOS, Android, BlackBerry, Palm WebOS, WinPhone7, etc... So any little tricky special syntax that we add needs to have corresponding rendering code added to every single client, or else we'll receive anger from the users of each platform because we (e.g.) failed to add LaTeX support on BlackBerry, so their notes are unreadable. This is why we tend to prefer using existing web-friendly renderings like JPEG, GIF, PDF, etc. rather than ad-hoc markup within the notes for each separate community and feature.

Try NeverNote.

We exercise the operating system in more ways than your average app due to things like: networking, database IO, embedded HTML editing, etc. Inefficient emulation of any one of the relevant frameworks could have a disproportionate impact on performance. (E.g. if a single one of the low-level IO calls made by SQLite is 10x slower on Wine, that could account for a massive performance hit for the overall application.) While we're happy if Wine happens to work with Evernote, we do not support or test this configuration.

The "helper app" is needed to make the elephant icon in the menu bar work ... this supports making screenshots and pasting directly into Evernote from the OS.

Guests can only add tags to a note if those tags are already part of that shared notebook. I.e. the tag must already be applied to at least one of the other notes in that notebook. This is to prevent a guest from polluting your account with dozens of tags that you need to find and delete on the left side.

Not everyone uses the organizational hierarchy to imply that parents are a superset of children. So we'd get at least as many questions and complaints if we did it the way that you describe. "I selected the 'computer' tag, and it selects notes that aren't tagged with that word at all!"

No, stacks are a single level. If you need a much more complicated hierarchical organizational scheme, we'd recommend using Tags, since you can nest them to any level and have up to 10,000 tags.

If you're seeing incorrect behavior, please specify what application you are copying from.