eyallvy

Theoretically, Evernote should be able to easily prevent compromised files which were locally encrypted by ransomware to be uploaded to their servers. Unlike file storage cloud services like Dropbox etc, it is the Evernote app which handles all creation and editing of notes. A local copy may be stored on the device but edits to it must go through the Evernote app. It is at this point that every note can be made to include a unique digital fingerprint which identifies it as one that was produced by the Evernote app. At each instance of sync, the digital fingerprints of notes which were changed

As far as I understand the way Evernote works, its main vulnerability to ransomware is the local cached files it keeps on the PC where it is installed, which ransomware could possibly encrypt and a sync could corrupt the data in the Evernote cloud. If used strictly as a cloud service, especially with 2 factor authentication, I believe that a local attack of ransomeware on a PC can't touch the Evernote data in the cloud. This is contrary to the way cloud file storage services work, which the ransomware can see as a local folder and the contagion it creates gets automatically uploaded to the clo