Jump to content

Search the Community

Showing results for tags 'princeton'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Calendars

There are no results to display.

There are no results to display.

Forums

  • General Discussion
    • Community Announcements
    • Evernote General Discussions
    • Evernote Integrations
    • Evernote Betas
    • Evernote API Discussion
  • FAQ's: Best Answers
    • FAQ's: Best Answers
  • Possible Bugs/Technical Issues
    • General Technical Issues
    • Evernote Business
    • Evernote for Android
    • Evernote for iOS
    • Evernote for Mac
    • Evernote for Windows
    • Web Client
    • Evernote Product Suite
  • Product Feedback/Feature Requests
    • General Feature Requests
    • Evernote Business
    • Evernote for Android
    • Evernote for iOS
    • Evernote for Mac
    • Evernote for Windows
    • Evernote Web Client
    • Evernote Product Suite
  • Evernote Forum Archives
    • Using Evernote
    • General Discussion Archive
    • Product Archives
  • Web Clipper***
  • International Forums
    • Japanese Discussions
    • Brazilian Portuguese Discussions
    • Discussions in Spanish
    • Korean Discussions
    • Traditional Chinese Discussions

Blogs

There are no results to display.

There are no results to display.

Categories

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Subscription

Found 1 result

  1. Recently a study from Princeton analysed what is called session replay. Oversimplified, it is a third party company acting as man in the middle between your PC and the website you are visiting, which then tracks and stores every mouseclick and keystroke to help the site owner analyse their website. In order to do this, everything you type is not only stored at the website (like for example Evernote), but also on the servers of the analytics company. Obviously this poses a significant security issue. Or like one of the researchers from Princeton puts it: "Collection of page content by third-party replay scripts may cause sensitive information, such as medical conditions, credit card details, and other personal information displayed on a page, to leak to the third-party as part of the recording," Steven Englehardt, a PhD candidate at Princeton University, wrote. "This may expose users to identity theft, online scams, and other unwanted behavior. The same is true for the collection of user inputs during checkout and registration processes." When Walgreens was caught red-handed, they stopped using those third parties https://www.wired.com/story/the-dark-side-of-replay-sessions-that-record-your-every-move-online/ as the risk was far higher than potential benefits. Evernote was also "featured" in this study, and was caught using one of those analytic providers ("hotjar"), potentially storing everything you enter in your notes on a non-Evernote server on a Malta jurisdiction. Funny enough Evernote just changed the privacy policy just a few months ago to highlight that indeed they were using those services/scripts. And Evernote highlighted how you could opt out. You canot opt out in Evernote. But read the instructions on the service provider's website. Dear Evernote, really? You put so much effort in providing a secure environment? And then you put it all at risk and allow a third party to record everything I do? Every word I type? Record it on their servers? Just for the benefit of optimising your web-design? Seriously? I would suggest you read these forums, there are enough suggestions to optimise your product to keep you busy the next few years, like getting rid of the upgrade button if you are a paying user... After the discussions around your last privacy policy update, I no longer believe this to be a mistake, I think this is a mindset issue. You put so much effort on improving your product, that you miss out on the basics. I understand that AI is more sexy than privacy. But I would have hoped you would not miss out on the basics. This really was the straw that broke the camel's back. So today I have cancelled my subscription. Oliver Additional Sources https://arstechnica.com/tech-policy/2017/11/an-alarming-number-of-sites-employ-privacy-invading-session-replay-scripts/ https://webtransparency.cs.princeton.edu/no_boundaries/session_replay_sites.html (Evernote is #359 of most visited sites - and uses tracker) https://evernote.com/intl/de/privacy/policy (you find the version dating from July, but if you go to what's new, you see the change I refer to under the cookies section )
×
×
  • Create New...