cwb

Guru
  • Content count

    799
  • Joined

  • Last visited

Community Reputation

222 Seriously Awesome

1 Follower

About cwb

  • Rank
    Reaver
  1. Maybe I can hope that total is repeated failed attempts to move and not something like 7100 fewer users to spread the bill paying around.
  2. Just a datapoint from my newsfeed today. https://techcrunch.com/2016/08/18/microsoft-helps-mac-users-ditch-evernote-for-onenote-with-new-tool/?ncid=rss Microsoft makes the point the Evernote Premium now costs as much as Office365 Personal. the migration tool for Evernote -> OneNote for Windows (and now Mac) has migrated 71 million Evernote notes. Seems there's some movement there. Movement I'm less than pleased with. The pricing issue doesn't help. The more people migrating for various thread hammered reasons, means the more my pricing is going to go up while I stay.
  3. Jump forward 2 years. The pressure keeps ramping. https://techcrunch.com/2016/08/18/microsoft-helps-mac-users-ditch-evernote-for-onenote-with-new-tool/?ncid=rss Microsoft makes the point the Evernote Premium now costs as much as Office365 Personal. The value equivalence is for the end user to decide. I haven't jumped but I continue on the spectrum of trending less and less Joyous in my use and feeling in the value for the dollar. As for others? Well, the migration tool for Evernote -> OneNote for Windows (and now Mac) has migrated 71 million Evernote notes.
  4. That may be the case, but I'm not sure it will be due to Folders. As I look at some of the competition (Google and Microsoft), folders are pretty antithetical to them too. Particularly when you look at OneNote with Sharepoint. I struggle with my own organization, as IT, where users try to cling to files living in a folder metaphor, and hold out on metadata, tags, and searches. It's just painful. It's just putting off the inevitable day of reckoning. Inevitably one reaches the conclusion (even more so as you collaborate) that one personal taxonomy will never agree with everyone elses. But tags and searches let a piece of information live in multiple organization taxonomies. To "exist" in multiple "places" or search domains at one time. In fact, as someone with over 500 apps on my phone and ipad, not just a few of them interacting with Evernote, it's the few which cling to a notebook/folder structure which give me the most pain and constraints. Tags are the canvas that lets one be as taxonomically creative or retro as they desire
  5. I have input into many feature requests and hopes for the future in Evernote. Those are still there to be sure. But for today, as I markup a PDF on my iPad I wanted to just say thanks for what Evernote is, here and now. This could be cross posted in the Windows forum where I use that client and the web clipper every day. Where I incessantly markup and document screen captures, and share them out for instructing staff. It could be cross posted in the Mac forum where I use it at home, and like some of its unique personalities while missing some of the Windows flavour. It could be cross posted in the web forum, where I enjoy love the OAuth support, and enjoy each and every time I'm prompted for a second factor to login (even to the discussion thread here), or to re-authorize an iOS App. And every day where I live in Evernote on my iPad and iPhone. The sync just keeps getting better. The PDF markup is a real pleasure to use. i'll no doubt rant another day soon. But for today I'm just steeped in the fact that it's such a help and pleasure to use. Thanks Evernote.
  6. mac

    Oh... and about the OneNote "TNO" encryption... Maybe not so much (other than perhaps you bought a retail copy that you use in your own home): https://technet.microsoft.com/en-us/library/cc179125.aspx If you do allow users to password protect documents, and they later forget or lose the password, you can use the DocRecrypt tool to reset or remove the password. For more information, see the Remove or reset file passwords in Office 2013 article. And the selection of encryption methods can be controlled through group policy. AES and 3DES shouldn't be assumed. They can be configured to be any of: AES, DES, DESX, 3DES, 3DES_112, and RC2 https://technet.microsoft.com/en-us/library/jj923033.aspx Previously, if the original creator of a file password either forgot the password or left the organization, the file was rendered unrecoverable. By using Office 2013 and an escrow key, which is generated from your company or organization’s private key certificate store, an IT admin can “unlock” the file for a user and then either leave the file without password protection, or assign a new password to the file. You, the IT admin, are the keeper of the escrow key which is generated from your company or organization’s private key certificate store. You can silently push the public key information to client computers one time through a registry key setting that you can manually create or you can create it through a Group Policy script. When a user later creates a password-protected Office 2013 Word, Excel, or PowerPoint file, this public key is included in the file header. Later, an IT pro can use the Office DocRecrypt tool to remove the password that is attached to the file, and then, optionally, protect the file by using a new password.And you have to wonder that there wouldn't be an escrow key on Sharepoint Online hosted content.
  7. mac

    No, not OneNote. See: https://spekxvision.wordpress.com/2015/04/14/still-no-secure-cloud-sync-for-onenote/ "OneNote 2013 does offer strong encryption, and in fact this is TNO. You can enter a password for a section in any of the Windows/iphone/iPad apps, and the section will be encrypted on the client side. The downside, and it is a big downside, is that you have to do this for each section individually.. not notebook, or section group, but each section. If you have tens or hundreds of sections in your notebook, as I do, that means typing the password for each one when you want to open it! It also means that you can’t search or index that section while it’s locked – it’s only when you open it, that it can be read. This is equivalent to encrypting each file on disk (since OneNote does indeed use a file for each section). So – I tried this for a while, and immediately found it a pain to use.. I have a section for each client, product, project, and doing a ‘search all’ would take ten minutes just to temporarily unlock each one. Ideally, they would allow a password to be bulk-applied to multiple sections, so you can unlock the lot in a single action, but they don’t." What ever OneNote does or doesn't do with encryption isn't greatly different than Evernote does in more Apples to Apples comparisons. Meaning that you aren't just dumping a OneNote file in OneDrive/Skydrive or running it locally. But actually putting it on Sharepoint Online for collaboration, browser access, sync to ipad, etc. Encryption is either unavailable or no different than Evernote's.
  8. mac

    Naw, it really isn't any different. Presumably most people are using dropbox or icloud to sync their 1password library. So on the one hand you have a sync service distributing a pre-encrypted blob which the sync service cannot decrypt. And on the other you have LastPass. Also a sync service distributing a pre-encrypted blob which the sync service cannot decrypt. Just like in this thread, where some are asking for TNO pre-encryption for notes which the sync service cannot decrypt. In all cases, even if the service was hacked, that doesn't get you into the encrypted data. Further I would argue that the security oversight, controls, and history are better with Lastpass than icloud and dropbox. If you were not following security news, did you hear from Dropbox when a software update allowed for about an hour, all accounts to be logged in with any password entered? Lastpass errs on the side of caution and transparency, whereas icloud and dropbox are far more opaque. Unlike using Dropbox/icloud to sync/distribute my passwords, with Lastpass we can: restrict which countries can log inrestrict login attempts from TORturn off email verification/bypass for unknown devices and locationspick from 8 different multi-factor options (including up to 5 Yubikeys on one account). scale it up to supporting a whole enterprisekeeping items encrypted and access logged, but being able to share single items, folders or nested folders.being able to keep enterprise and personal sites separate and usable in a single view, but separate-able with a single click. Or letting them use read-only credentials to log in without being able to view them.being able to report on or create automated reminders for weak or duplicated passwords across all lastpass accounts.Being able to view in a report the master password strength and multi-factor use across the enterprise to determine that no one needed to change their passwords based on a maybe that hashes but not encrypted blobs might have been lost, in the last LP notification. Knowing there isn't enough life in the universe to have time to crack the hashes. And that even if they did and had credentials, they still couldn't log in to download a encrypted blob. Because the Lastpass service is tightly integrated with the app, there is great site by site, note by note usage/access logging for verification purposes. Other than a strong password, do you know with reasonable certainty, that no one else has accessed data in your vault, or is not currently attempting to brute force into a copy of your vault? Lastpass too can be used completely offline. Via any of, the stored encrypted blob +plus browser plugin, mobile apps, the windows app LastPass Pocket, Portable thumbdrive instances. There's every reason Evernote could a do a very similar model.
  9. mac

    Having sensitive info synced across all devices is kind of what LP is all about... I'm wondering what more one might want from a security model than trust no one encryption with a multitude of multi factor login options. And to add in LP enterprise, the usage logging across the enterprise is great, and much more useful to me than a personal decentralized model like keypass or 1password.
  10. mac

    Thanks for the search reminders. I would have thought that 50% of mine would have been web clips. But I guess I'm making more use of IFTT workflows and sends to EN from my feed reeder, than actual web clipper use. But web clipper was 25%. 10% forwarded email. And a whopping 11 notes with encryption. It's frankly just not really worth using, as is. LastPass on the other hand has 800 sets of credentials and secure notes. I am disappointed to hear that it's not a business priority given we're still waiting for the previous CEO's "sexy encryption" mention. But I am thankful for the OAuth, and multi-factor. Access security and transparency are great, and I enjoy using them.
  11. Not only do I find the SMS slow and unreliable, it does not provide as strong security. SMS flaws allow interception and monitoring. http://bgr.com/2015/08/18/call-text-messages-bugging-ss7-hack/ In the case of loss/replacement of a phone, my steps are 3 fold: 2factor TOTP methods, including Evernote generate one time codes you can stash away. Which I put in an encrypted note in LastPass When I program google authenticator, I add it to the authenticator on my wifes phone at the same time. And or store the QR code image in an encrypted note in LastPass The 3rd party google authenticator I use, gets restored to a new device from icloud backup should I lose and replace a phone.Lastpass may seem like a weak point, but it too has 2 factor (a hardware YubiKey - 3 different keys actually), and GEO-IP login restrictions. And the email link to temp bypass LastPass multi-factor (can't quite bring myself to turn that off), goes to a Gmail account which also has multi-factor on it.
  12. You might also want to check to see if anyone else has accessed your account. Log in with your browser, go to settings, and in the security area check Access History: https://www.evernote.com/AccessHistory.action
  13. Yup. iPhone/iPad are my primary interfaces to EN. With 3rd party iOS apps, and the Web Clipper as the primary input sources. I never thought the natural language and contextual awareness were at a point where the focus on Google Glass made sense. And I'm not seeing utility in having it on my apple watch. I get more Evernote usage through Gneo and Swipes on the watch, syncing to EN on the backend, but even still... For me the Apple watch usage priorities are: Notifications Watch Fitness
  14. http://web.archive.org/web/20041128035713/http://www.evernote.com/en/