(Archived) Regarding security issues

I just found out that some part of a note which is supposed to be encrypted by the "Blank type (character is shown as * )" function is actually saved as regular characters when I look at my client's DB file (.exb) in a text editor. So I was wondering whether the characters I've entered as "Blank type" are actually encrypted or not when the server saves them.

I know data transferred over the network is encrypted by SSL, but I'm not sure about when the server saves data.

Link to post

If this is truly what is happening then this is very bad. Is Evernote saving the encrypted text to the database 'in the clear?'

I would like a clear answer to this because I won't be using the encrypted text feature anymore if it provides a false sense of security.

Link to post

verified.

Unbelievable. I just verified that "encrypted" text in notes is indeed stored as plain, unencrypted text.

I just created a test note, with the text "this is the encrypted text"

Then I encrypted the text and closed EN.

Then I opened my .exb file in TextPad (http://www.textpad.com/download/).

I searched for the phrase "this is the encrypted text"

Result: the text is sitting there in the open.

I'm attaching screen shots of the note as it appears in EN and the text as it appears in TextPad

Link to post

After 2 weeks, the response from Evernote?

  • Cue the crickets

Link to post

When you edit an existing note, the internal database in the Windows client (SQLite) stores the new data on disk and then marks the region with the old data as available for reclamation and reuse. The old space will get used for something in the future when the database needs space, but a low-level analysis of the hard drive may still find traces of the old version of the note until that happens, either because the database hasn't re-used the space yet, or because the Windows file system has not reclaimed the "bits" that were released by our application on the file system.

The data transmitted to Evernote is fully encrypted, as is the data transmitted to any of your other clients.

Link to post

OK, so I downloaded SQLite Browser to see how the data appears in the SQL records.

And once again, it appears as clear text. This is not a "low-level" analysis of the disk contents. This is the actual evernote database records. Here is a screenshot of the same note that I posted about above, as it appears in the SQLite browser. Note that the record has not been deleted, as it would be if the disk space were available for reuse:

I can't think of a way to verify what is sent to EN. But it is hard to believe that a record that is plaintext on my machine is encrypted during the sync process.

Moreover, the fact that the record exists in plaintext on my machine is not what I had been led to understand about the encryption feature. If records are only encrypted upon sync, but remain in plain text on the local machine, that should probably be made clear.

Link to post

That's not from one of "our" tables, but probably from deep within the SQLite "Full Text Search" engine that we use to index your notes for fast searching. It also may leave data on the disk until it does an optimization pass.

To force SQLite to clean up all unused data (thereby optimizing and shrinking your raw *.exb data file), try this:

That should remove any old traces of previous versions of your notes from the database file. Although the bits may still be on your hard drive somewhere, depending on your operating system's behavior.

Link to post
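
The behaviour described in the two staff replies above (SQLite keeps replaced data in freed space until it is reused or the file is compacted), reproduced as an added example that is not part of the original thread and is not Evernote's code. The table name `note`, the ciphertext placeholder and the use of SQLite's standard `VACUUM` and `PRAGMA secure_delete` are assumptions of this example; the marker string is the one used in the test earlier in the thread.

```python
import os
import sqlite3
import tempfile

# Marker string taken from the test described earlier in the thread.
MARKER = b"this is the encrypted text"


def residue_after_edit(secure_delete: bool, vacuum: bool) -> bool:
    """Replace a plaintext note body, then report whether the old
    plaintext can still be found in the raw database file."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "notes.db")  # constructed stand-in for an .exb file
        con = sqlite3.connect(path, isolation_level=None)  # autocommit
        con.execute("PRAGMA journal_mode=DELETE")
        # Set explicitly: some SQLite builds default secure_delete to ON.
        con.execute(f"PRAGMA secure_delete={'ON' if secure_delete else 'OFF'}")
        con.execute("CREATE TABLE note(id INTEGER PRIMARY KEY, body BLOB)")
        # Large body so it spills onto overflow pages that are freed on update.
        con.execute("INSERT INTO note VALUES (1, ?)", (MARKER * 400,))
        # The "encrypt" step: the row now holds only a ciphertext placeholder.
        con.execute("UPDATE note SET body=? WHERE id=1", (b"<ciphertext>",))
        if vacuum:
            con.execute("VACUUM")  # rebuild the file without free pages
        con.close()
        with open(path, "rb") as f:
            return MARKER in f.read()


if __name__ == "__main__":
    for sd, vac in [(False, False), (True, False), (False, True)]:
        print(f"secure_delete={sd} vacuum={vac} -> old plaintext on disk: "
              f"{residue_after_edit(sd, vac)}")
```
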

FYI - we think we see how we can tell SQLite to more aggressively clean this old data up for any note with encrypted content in it in a future release.

Thanks

Link to post

Thanks to act, mdave, skellam, and dan7000 for their persistence.

And a thank you to Dave Engberg for pushing this on the Evernote side.

We're all in this together.

Link to post

Everyone, thank you very much.

I was able to alleviate anxiety by knowing the details of this issue.

Link to post

Well, after 1 year from the last post, it seems like it is still the same. I just posted a similar topic and someone kindly pointed me to this thread.

So, no fix to this?

Having any form of plaintext, when the GUI shows "encrypted", is a bad implementation. Other single-file encryption tools will immediately perform a "shred" on the old data. Otherwise, what's the point of encryption?

You can argue that some residue might be visible while it is decrypted, but once the session is done, a proper cleanup should happen.

I strongly doubt the data is encrypted in the servers, after seeing this. What I see now should be the same as what's in the server. SSL is only encrypting the transit.

It would be best to disable the encryption feature until it is done right, don't you think? This is all a false sense of security.

All in all, it's still a great tool for non-secure contents. But G-Drive has OCR too (so there's competition for ya), but at least they don't try to say "here's an encryption feature".

Disappointed. Pity those who encrypt their password lists in Evernote.

Link to post

A couple of years ago there was a great thread titled "Wide Open Databases." I saved the link but unfortunately it's no longer valid. I don't remember if Kurt.Angle's issues were addressed in there, but if anyone Evernoted it or has a better link please post it or share the note.

Link to post

yeah. i generally don't move or merge threads for this reason, especially if they are older than a few minutes. i can't find it, even using google's advanced search. sorry :(

our only savior might be bnf, who evernotes everything :)

Link to post

I have confirmed that text encryption is working properly in EN Mac 3.1.2 Beta 2.

My Test:

  1. Created new Note and encrypted text "EncryptedOnMac"
  2. Synced
  3. Open Finder to Library\Application Support\Evernote folder
  4. Search for "EncryptedOnMac" using Finder Search
  5. Nothing found.
  6. Permanently unencrypt the text in Evernote Note
  7. As soon as it is unencrypted, evidently the Note is saved locally automatically
  8. A file named "content.html" appears in the Finder window still open with the Search
  9. Opening the file shows the Text Note contents
  10. Re-encrypt the text in Evernote Note
  11. The file immediately is removed from the Finder Window.

NOTE:

Unlike the EN Win client, the EN Mac client does NOT store the Note Contents in a DB. It is stored in a Mac file instead, which makes it searchable using Finder (or Spotlight).

Link to post

I was just poking around yesterday (on my mac) and happened to find all my notes in clear text in files under $HOME/Library/Application Support/Evernote/data - and I was appalled. I came here to the forums to look around to see what others have found out. I did look and find the option to encrypt specific text within a single note, and I have tested that and it appears to work, albeit it's a little kludgey. Now I have to go through all of my notes looking for data that I want to encrypt and do them each individually - definitely not an ideal situation.

What is the difficulty involved in having the local Evernote client simply encrypt all of the data, much like keepass or truecrypt does? The client could use your account credentials to open up the encrypted container, or even if it asked for a second password to gain access to the encrypted data, I could live with that.

On our network, all of our laptops are backed up to the network, and then eventually backed up to tape - so anyone with privileged access to the network has access to everyone's Evernote notes, if they know where to look.

Link to post

Hi. I assume you are on a Mac. Windows stores its files in a database. There are good and bad things about this. In my case, I really appreciate having the notes accessible this way (http://www.princeton.edu/~cmayo/evernote-spotlight-search.html).

I can definitely see how this would make it problematic on a work machine, and using the Web version gives you less functionality. Certainly, encrypting the Evernote folder would be a solution, though I don't know how that would work in terms of coding.

Personally, I am hoping we will have selective sync someday (like we have on the iOS and Android platforms) so that we don't have to download everything onto the computer. This would help avoid the problem. In addition, it would be nice if we could encrypt at the notebook level.

Link to post

After digging a little deeper, it appears that there are two commonly offered reasons as to why there are not many encryption features built into EN. One is that it's difficult to index data when it's encrypted, and the other is that EN is focusing their efforts into developing ways to store/access/index data, not in ways to protect the data.

I'm in IT - I get the part about it being hard to index data that is encrypted. (Referring to the data residing in the cloud on the EN servers) On my desktop though, there should be an encrypted container that gets opened when I log into EN, and then locally the EN application has access to all of my notes and data. Other applications/users that are able to access my drive space should just see an encrypted container that they can't do anything with.

I see folks using TrueCrypt, or native OS tools, to create an encrypted container/filesystem, and then having EN store your data in that newly encrypted filesystem. That is going to help users that are concerned about their laptop being lost or stolen. That paradigm doesn't help me in this case, because once TrueCrypt opens and mounts the encrypted filesystem, it becomes simply another freely available directory to the operating system. When my work laptop decides to do its backup to the network, it's going to copy that directory too, and voila - my data/notes are now stored in plain text on the network drive.

I also like the idea of having selective sync, and the ability to choose if you want to keep a local copy or not.

Link to post

This is often offered as an excuse to not encrypt Evernote Notes.

However, there is an excellent compromise: Encrypt the Note Contents, but NOT the Note Metadata (Title, Tags, Dates, other attributes).

This will allow the contents to be secure, while still being able to do great searches on the metadata.

  • Like 2

Link to post
This topic is now closed to further replies.