
(Archived) REQUEST: Additional encryption options for notebooks and syncing



  • Level 5

Adding encryption to notebooks would defeat the Evernote OCR process.

You can encrypt the information inside a note, but not an entire Notebook, unless you are using a 3rd party program like TrueCrypt.

I'm trying to use Evernote as a day-to-day journal app. Is there any chance of adding encryption at some point?

You posted this in the general discussion topic. In the Windows client, you can encrypt text. I think the Mac client functions similarly. AFAIK, you cannot encrypt from mobile devices or the web client. I doubt notebook-specific encryption will be added, at least not anytime soon, for several reasons, including: all notebooks are stored in the same database (at least on the Windows client); encrypting notes prevents them from getting indexed; and either more encryption would need to be added (i.e. to allow notebooks in encrypted notebooks to have images) or password-encrypted notebooks would be required to only contain text. Given that EN's focus is collecting, organizing & retrieving information using their fast search engine & indexing system, that's a lot of work to add in order to negate that feature.

You can, however, password ENCRYPT (not just password protect) PDF files & put those in EN.

  • 1 month later...

Hi,

A few questions on Evernote security policies and procedures:

1. Is everyone's data stored on Evernote servers in an encrypted fashion?

Or are the only notes that are secure those notes which I have enabled the Text Encryption feature?

2. What security policies and measures does Evernote put in place to protect a users account?

a. What happens when a user loses his password, and how secure is the password recovery functionality?

3. Are Evernote Sync Operations on mobile devices performed over SSL connections to protect users who may be on unfriendly Wireless Networks?

4. Do you have multiple data centers in case a group of servers in a particular data center go down? What about offsite backups?

What else should we users know about maintaining the security of all our most valued data stored with the Evernote Cloud service (like a discussion of how backups are performed and what the corporate disaster recovery plan is, if any)?

Thank you,

LC


Thanks,

I have read that and it answers my question #3.

In that post an Evernote employee suggests that a Windows Screen saver password would be better than a simple password check in the Evernote application. While this is true in certain contexts, I don't see a reason why Evernote doesn't encrypt (on closing) and decrypt (on opening) the local user database file using a simple symmetric encryption algorithm using the initial user specified login password as the encryption key. This method would be much better than using a Windows screen saver password because it would prevent someone from accessing your Evernote Data if your machine was stolen (like as in a laptop, or PDA) and the hard drive was removed and mounted on another computer.

I don't see a way of protecting the Evernote databases by using drive encryption unless you are willing to encrypt your system partition. To ask users to do this to protect a single application is not realistic. Also, it is a bit of a stretch for non-technical users to be asked to run their primary OS on an encrypted partition. Evernote can be installed on other drives, but there is no way to make it use a different data directory (on a partition that is encrypted). Upon installation it does not prompt you to make such a choice, if my memory serves me correctly, and please correct me if I am wrong. If the application does not provide a user with a choice, then it should assume the responsibility of protecting the user's data.

I am not so much worried about my desktop but more so about my laptop and/or mobile device. One thing I would also like to point out is that it isn't necessary for the device in question to be stolen either. The data stored on these devices can be captured and read by malicious applications if you are infected, for instance, with a trojan or virus. Any attacker that gains access to your machine can copy and read your entire database. It is trivial to do so once the attacker has compromised the machine.

Evernote stores the data in plain text in:

C:\Users\%username%\AppData\Local\Evernote\Evernote\Databases

Android and other Mobile OS applications also do not store the data in an encrypted format.

In Evernote's defense, the majority of Mobile applications do not store your data using Encryption either, making you an easy target for either a malicious attacker to steal your data, or for Law Enforcement to run forensic data recovery tools.

Thanks,

LC

Disclaimer: the main impetus of this thread is not to expose details related to Evernote data storage, but instead simply to get real answers about real concerns regarding storing my data in the cloud.

What happens if Evernote corporation ceases to exist for whatever reason? Will my data be recoverable and secure? Or will the servers and disk arrays that host the data simply be sold off at auction, in which case who knows who will end up in possession of my private data? I bring this up because it has already happened. Not storing user data in the cloud in encrypted form is just bad, bad, bad.

Welcome to the Cloud.


Hi LooseCannon,

You say that:

Evernote stores the data in plain text in:

C:\Users\%username%\AppData\Local\Evernote\Evernote\Databases

LC

but I'm under the impression that you can set the folder where EN stores data anywhere you want. For example, I make the local store on X:\evernote. And I create X: from a separate partition on my drive that's a TrueCrypt device. So rather than encrypt the C: drive, I just encrypt a partition and mount it when I want to use EN. (Always...) So the data are invisible and also encrypted when the notebook goes missing.

Is your system that different than mine, or have I just not looked carefully enough at C:\Users\%username%\AppData\Local\Evernote\Evernote\Databases?

Regards,

Carls

  • Level 5*

Don't mean to sound complacent, but what would you have Evernote do? Their avowed intents are a.) to concentrate on their strength and not reinvent any wheels like word processing - or presumably encryption, and b.) to give you full access to your data on multiple platforms. There are plenty of word processors and encryption options out there for users to choose from if/ when required; and if you have access to your data, then no matter what protections or encryptions are in place, someone pretending to be you could possibly gain access. The core data is encrypted online (and buried within the substantial mass of 11 million [?] other users' information) and you can use the web service exclusively if you wish. If you have a feature request I'm sure it will be considered.


The core data is encrypted online (and buried within the substantial mass of 11 million [?] other users' information)

To clarify, unless you encrypt the contents of your notes either with EN's text encryption or by using a third-party tool (i.e. encrypted PDFs), your Evernotes are NOT encrypted on the EN servers. However, one of the thrusts of EN is to index your information so it's very easy to retrieve the note(s) you're looking for at any given time from your tens/hundreds/thousands of notes. As was stated in the thread I linked to above, this cannot be done if the data is securely encrypted. By securely, I mean EN has no access to the encryption password.

Any time a cloud service can tell you your password (click "forgot password") and/or can help you restore your data, your data is NOT secure from hackers. Do you think hackers are smart enough to be able to hack into a cloud server but not smart enough to figure out where the encryption passwords are located???

  • 2 weeks later...

I have been using Evernote for weeks, and I think it could be a great feature to add password-protected notes.

So, each time I want to read a "secure note" I have to enter its password.

This is useful for REALLY important notes, such as credit card numbers, account numbers, etc... I like to have them in notes so I can just copy and paste them each time I buy on the internet.

It's just an idea :)

Cheers!


This has been discussed before. You can encrypt text within notes (using the Mac/Windows client). But it's doubtful EN will incorporate any further password encryption than what already exists. You can, however, password encrypt PDFs or winrar or whatever encryption tool of choice you have & drop the encrypted file into Evernote. Of course, any computers/devices you want to view it on will need to be able to decrypt the file.

Please search the board on security or encryption if you want more information.

  • Level 5

I have been using Evernote for weeks, and I think it could be a great feature to add password-protected notes.

So, each time I want to read a "secure note" I have to enter its password.

This is useful for REALLY important notes, such as credit card numbers, account numbers, etc... I like to have them in notes so I can just copy and paste them each time I buy on the internet.

If you rely on your desktop primarily, you can move the notes that you want protected to a local non-synchronized notebook.

The information will never leave your computer. It won't show up in the cloud or on your mobile.

The only place it will be visible is on your local client computer.

That is what I do, since virtually 100% of my online purchases are done from my personal computer.

And I go one further step - I will use the Evernote encryption to protect the acct numbers and credit card numbers.


I agree with the OP. To have to decrypt every single note is too much hassle. It is better if you can drag and drop a bunch of notes into the "Encrypted" zone (notebook), or vice versa, to have it automatically done for you. With different passwords in different notebooks you can surely have "Normal", Work, or Personal MODE all in one account.

  • Level 5

If you follow my first suggestion, you won't have to decrypt anything. The information can be stored as text on your client. It won't go to the web or the cloud.

I encrypt it because I want to. It's not mandatory.

Another option is to use a 3rd party encryption program such as TrueCrypt.

Based on the previous comments from Evernote, and due to the need to support across multiple changing platforms (I believe it is up to 14), encrypted notebooks are not a priority (to my understanding).

  • 4 weeks later...

I think we are not referring to cloud security. This is kind of a "multi-level" security issue inside the PC. Evernote is kind of an open program with no password. When my friends come to my house, I can certainly use Evernote and show them some of the "public" information in my notes, but surely I would want any private information exempted from view or even from being searched. I think it is much better if they implement multi-level passwords to access data at different levels, or at least have an encrypted notebook for the sake of ease of use.


So, I've had Evernote for aaaages. Not until recently have I started to use it as intended. Now I'm starting to see all kinds of possibilities.

I've done some searching on the web and here on the forum, but I'm none the wiser. I'm curious about what kind of security Evernote has with regards to our documents. Even the "best" can get hacked, and even Google managed to delete thousands of accounts because of a server error. SNAFUs happen all the time.

So, how worried should I be with storing my IRS records on Evernote?

What about my pay-checks?

Banking statements?

Medical records (test, procedures, recommendations etc.)

Heck, what if I'm a famous Hollywood actor and I started to write my memoirs or journal?

It's not the MOST interesting documents to a Bulgarianigerian hacker, but still pretty sensitive.

S

  • Level 5

The Marketing Director at Evernote mentioned he keeps his Tax returns on Evernote.

Personally, I favor keeping private information in a local non-sync'd notebook that stays on my computer and does not go to the cloud. I create searchable PDFs before adding them to Evernote. Passwords and user IDs are stored inside LastPass.

Here is a helpful blog about the safety of your data inside Evernote

http://michaelhyatt....n-evernote.html

And for more security, consider TrueCrypt

http://www.40tech.com/2009/12/13/how-to-password-protect-evernote-updated/

  • 1 month later...

All of the notes here are older than 1 month. Is it still the case that Notebooks cannot be password protected?

(If this is the case, then what about having multiple installations on the same computer and having one fully encrypted at the database level?)

If password protection is not going to happen, then I will have to abandon it in favor of a product that offers multi-level security.

It's too bad that EverNote is lacking security. This cuts it out for all serious corporate applications.

Is this the final word on EverNote security ?

Someone from EverNote engineering management please respond.

This is really important.

Thank you.

  • Level 5*

This is a user forum. Evernote staff do tend to read every post, but they don't respond to each one.

They have however said many many many times on here that securing a desktop is the user's responsibility and that they are not minded to provide application/stack/notebook/note security beyond the existing encryption.

  • Level 5*
All of the notes here are older than 1 month. Is it still the case that Notebooks cannot be password protected?

WRT the Windows client, it is true; note, however, that your Evernote account is password protected. Just sign out when you're done using it.

(If this is the case, then what about having multiple installations on the same computer and having one fully encrypted at the database level?)

Also, in Windows, you can access multiple accounts in the same Windows account, or use different Windows accounts.

If password protection is not going to happen, then I will have to abandon it in favor of a product that offers multi-level security.

If those are your requirements, then that's fine.

It's too bad that EverNote is lacking security. This cuts it out for all serious corporate applications.

Evernote is not lacking security; it's just lacking the security that you need.

Is this the final word on EverNote security ?

Hard to say, but it's the current word.

Someone from EverNote engineering management please respond.

As Metrodon said, this is a user forum; Evernote staff do comment on occasion, but you can't expect it.

  • 2 weeks later...

So I've been reading about encrypting my EN database with TrueCrypt and have been unable to find a clear answer to this question: If I encrypt the database, will every sync consume the entire size of the database, or only the incremental size of changes?

In other words, if my encrypted EN database is 100MB, will each sync be 100MB in size, or only the size of changed data?

Thanks in advance,

Greg

  • Level 5*

hi. as i understand it, there is no effect. i have encryption on my mac (file vault), and i believe the evernote database files are sequestered there, and i have not had any problems with syncing. i am sure others on the forum are more knowledgeable than me about this, though.


As GM said, there is no difference between syncing a database located in a TrueCrypt container vs one that is not. Once the TC container is mounted & you've invoked EN, EN doesn't even know the database is in a TC container. That's how TC works.


As a new paying user, I am just keeping the feedback coming that we need password capabilities.

For the few evangelists out there, no need to repeat the following, unless it makes you feel good:

  • Yes, I know it has been discussed at length, but I believe in giving feedback. I am in sales and frequently ask my customers for their most desired feature or change.
  • Yes, I know you don't think it is necessary, and prefer to hack your phone, deal with multiple pieces of software to accomplish, etc. I see this as inelegant, to say the least.
  • I just want an option, so don't worry about your workflow, you can turn it off!
  • Yes, I am doing a workaround, password protecting entire PDF documents since I own Acrobat. No, it is not an ideal solution, and I can't even open them on the iOS apps.
  • I know that some think that this has been adequately addressed by Evernote and that they will take an arrogant stance and never seek to improve to meet customer needs. I don't think that they are so pompous to believe that they know better what we need, but let them tell us that here if it is true.

I see the arguments against this as analogous to "You don't really need a seatbelt, just drive safer, avoid busy intersections, stay home around 2 AM, and look at me, I am just fine without one."

Thanks for letting me place my vote, along with the countless others asking for this feature.

Jim

  • Level 5*

Hi. Welcome to the forum.

"As a new paying user, I am just keeping the feedback coming that we need password capabilities."

I have password capabilities. I don't understand what you mean. Perhaps you mean the ability to encrypt notes containing passwords. We can do that, too...

Did you mean to say "encryption"? I wonder if you mean that you want evernote to give us the ability to encrypt the entire content of our notes, and not just the text parts. That sounds fine to me, I guess, but I have no idea what kind of technological challenges that will pose. I think people (myself included) have asked for encryption for notebooks before. Perhaps this is the kind of thing you are looking for.

I guess it never hurts to suggest it. But, for your first post on the forum, I'd think you wouldn't want to pre-emptively shut down any discussion by coming out against members of the community. Evernote evangelists, and other members of this forum are users like yourself, and I'd like to hear their opinions too.


As a new paying user, I am just keeping the feedback coming that we need password capabilities.

For the few evangelists out there, no need to repeat the following, unless it makes you feel good:

  • Yes, I know it has been discussed at length, but I believe in giving feedback. I am in sales and frequently ask my customers for their most desired feature or change.
  • Yes, I know you don't think it is necessary, and prefer to hack your phone, deal with multiple pieces of software to accomplish, etc. I see this as inelegant, to say the least.
  • I just want an option, so don't worry about your workflow, you can turn it off!
  • Yes, I am doing a workaround, password protecting entire PDF documents since I own Acrobat. No, it is not an ideal solution, and I can't even open them on the iOS apps.
  • I know that some think that this has been adequately addressed by Evernote and that they will take an arrogant stance and never seek to improve to meet customer needs. I don't think that they are so pompous to believe that they know better what we need, but let them tell us that here if it is true.

I see the arguments against this as analogous to "You don't really need a seatbelt, just drive safer, avoid busy intersections, stay home around 2 AM, and look at me, I am just fine without one."

Thanks for letting me place my vote, along with the countless others asking for this feature.

Jim

IOW, a drive by. You want to place your vote while keeping those who disagree with you from "voting". Way to make friends & influence people as well as a "nice" first post.

I suppose if I wanted to get all gnarly & stuff I could ask why you, as a "new paying user", should have precedence over someone like, say, me, who's been contributing for several years now. But I won't.


Plus, if there are countless others asking for this feature, it would behoove one to strengthen their stance by, I don't know - linking existing threads on the exact same topic. Or, maybe, posting in one of those.

We do read these forums, but when we see a lone post, especially one that says "lots of people are asking for this *exact thing that I'm talking about*" without any actual backup of that, it kind of leaves us feeling that the poster is a bit disingenuous.

Additionally, while we do take our user requests into consideration when designing upcoming versions, our goal is for the overall addition across the board for all of our platforms. We cannot add a new feature until we've discovered a way that will work to get it into *all* of our clients in a pleasing, user-friendly experience.


  • Yes, I am doing a workaround, password protecting entire PDF documents since I own Acrobat. No, it is not an ideal solution, and I can't even open them on the iOS

I interpreted OP requesting database encryption. Although it does take a bit of delving into his post. But yeah, OP never really stated what he wanted. Mostly what he didn't want.

  • Level 5*

i kind of thought he might be looking for database encryption too, and that is why i mentioned the encrypted folder idea. if evernote allows us to encrypt databases, the content would no longer be searchable, right? that would suck. an encryptable notebook would be nice. but, as evernote has stated publicly (right?) that they are not exploring this option, there isn't much to say about that.


That's why I said he should post specific examples of what he's explicitly requesting that other people have requested before. After all, we have to know what we're taking our "arrogant stance" about, right? :)


You know, encrypted attachments might be a great idea, even if they couldn't be searched because of the encryption. You have some sensitive info? Stick it in an attachment on a note and describe it with a title, a few keywords or tags, voila! You have secured data without sacrificing the search capability.


You know, encrypted attachments might be a great idea, even if they couldn't be searched because of the encryption. You have some sensitive info? Stick it in an attachment on a note and describe it with a title, a few keywords or tags, voila! You have secured data without sacrificing the search capability.

You have just described password encrypted PDFs. I use them often.


You know, encrypted attachments might be a great idea, even if they couldn't be searched because of the encryption. You have some sensitive info? Stick it in an attachment on a note and describe it with a title, a few keywords or tags, voila! You have secured data without sacrificing the search capability.

You have just described password encrypted PDFs. I use them often.

So, EN will not search the password encrypted PDF, but EN will just ignore the PDF and not choke on it either?

That's the third or fourth time I've wished for something in EN and the EN fairy waved her magic wand!


Wow, what an immensely passive-aggressive first post. The OP elaborated so much on disarming his would-be opponents that I don't even know whether he means encrypted storage of the Evernote password on local clients, encrypted transfer of this password, encryption of notes/notebooks/attachments, or wants Evernote to get 1Password functionality.

OP please explain your suggestion in more detail.

  • Level 5*

:(

i'll put in my vote now for simplicity. let's take those evernote resources, dump them into improving on the current platforms, especially mobile, and let us handle our security. as the op and bnf said, we can pw protect our stuff before uploading. let's encourage en to develop and innovate in other areas (assuming, of course, that the op is indeed talking about having en encrypt stuff).


Mea culpa. Sorry for the sore toes, all. Let me clarify. I know I am a grouchy old guy sometimes, and that people have a thinner skin for dissent these days, but it wasn't my intention to shut people down, or discourage discussion, or to be unclear. I was very tired last night after a few weeks of business travel and trying to set up passwords for this program. I did want to skip through the same responses I have seen before, so listed them in kind of a funny way I thought (oops), trying to show that I had a) searched the forum, and b) put some thought into it. Not sure what a drive-by is, but it sounds negative also. Honestly, I kind of hate forums because people who ask questions get shut down so fast by the club. So, whoever psychoanalyzed me above, I guess I might have been a bit aggressive, but you can ditch the passive part. Never been accused of that. I want everyone to feel free to discuss, and nobody with a thoughtful opinion to be shut down.

For all: I said password and encryption, but didn't form the thought fully for you. I was interested in password-encrypted notebooks in the cloud. As someone picked up, my alternative right now is to password-encrypt the PDFs. But this does remove some functionality. I would love to click on a certain notebook called "medical", type a strong password, and have all my notes, records, and such pop up with full functionality. As a first step, the PIN function now available on iPad, for all devices, would help.

For the Evernote person: please do a search and you will see it asked for multiple times; typically the conversation ends quickly when one of the things I listed in my first note happens. You might want to survey your customers with a force-ranked list of feature requests. You might be surprised how many shy people out there are nervous about forums due to some of the nasty ones out there. You are only getting a sampling, and you do have data that shows people want this, including feedback from some of your strongest blog advocates who write about organization and such for a living. Just have a look. The fact that there are blogs with incredibly complex workarounds (for the average Jim) should also be telling you something. Ever think about a paid feature (pay extra for a specific feature)? Smart companies do. I like navigation in my car, so I paid a lot for it. Those who don't, don't. This is what I will tell you after many years as a sales executive. There is a need, and if you don't fill it, someone will. If you ever assume your stuff is good enough, because the hardcore few are vocal and love it, just have a quick meditation about our friends at RIM who are soon to be RIP, bankrupt or bought out. I am not saying that is where you are. It is a danger that all companies face.

Thanks again to everyone for participating in the discussion, from tired, grouchy old road warrior Jim who just wants things to work. I say that with a sincere smile.

Jim


That's why I said he should post specific examples of what he's explicitly requesting that other people have requested before. After all, we have to know what we're taking our "arrogant stance" about, right? :)

Thanks for joining this conversation. My last bullet point with the words "arrogant stance" was talking about the commonly received answer to this question, even available in this thread now, that you all have fully addressed the issue and will not consider the feature request. I tell my boss every week that we have a unique product, but we must never be arrogant, thinking we will never have competition. That is what I was talking about. I wasn't calling you arrogant yet. I specifically cited never seeking to improve as an example, but if I thought you were that, I wouldn't have bothered to write. Again, it was a response I thought I was going to get (and did get). I am no good with this multi-quoting thing, but have a look at this one:

"an encryptable notebook would be nice. but, as evernote has stated publicly (right?) that they are not exploring this option, there isn't much to say about that."

That is out of the mouth of one of your customers and forum users who has the perception. I really encourage you to take a serious look at this, and do a real poll of your customers, rather than just the outspoken ones.

  • Level 5*

Sorry to hear you hate forums so much, and that you are getting shut down elsewhere. I hope you don't get that feeling here. As you can (hopefully) see from my original response, I think your suggestion for encryption is a good one and worth pursuing. I have suggested similar things before. However, my inclination would be to prioritize other areas that need improvement at this point. For a young company like Evernote, I think getting some of the fundamentals right (the iOS app, for example) is crucial, and additional security would be a secondary concern, because we currently have a secure alternative in place (see below).

I am sure your points about the need for innovation and the demand for more security (in various forms) are good ones, and I am sure the EN developers (no strangers to security issues) have them in mind. They have said as much in public statements.

What can you do right now? Password protect and encrypt the data yourself (as you are already doing). It works quite well in iOS (contrary to what you said in your original post). Unfortunately, Apple's PDF viewer that EN uses to open a PDF is useless (in my experience), but if you open the PDF in another application (I recommend iAnnotate) you can view your PDFs quite easily.


My thread of the week!! It's got it all, accusations, assumptions, confusion and obfuscation - wonderful!

Yawn. See what I mean? Here comes the shaming and the shut down. OK, where is the obfuscation, or is it just a big word we like? Who is shutting down discourse? Wow, really an over defensive reaction and reading of what I was saying. I don't want a flame war. I thought maybe we would get new people and fresh discussion. I have no more time for it now. Thanks for listening, and again, my apologies for your exposed toes.

Jim

  • Level 5*

My thread of the week!! It's got it all, accusations, assumptions, confusion and obfuscation - wonderful!

Yawn. See what I mean? Here comes the shaming and the shut down. OK, where is the obfuscation, or is it just a big word we like? Who is shutting down discourse? Wow, really an over defensive reaction and reading of what I was saying. I don't want a flame war. I thought maybe we would get new people and fresh discussion. I have no more time for it now. Thanks for listening, and again, my apologies for your exposed toes.

Jim

I'm guessing the obfuscation comes from the fact that no one could tell what you were even asking for - you saw that yourself and came back and gave a clearer explanation.

For such a world-weary chap you do seem to have very thin skin.


Quick follow-up for everyone. Thanks for all of your replies. I have found that there is a product which is installed on both my PCs already that has all of the functionality I was asking for. I don't want to advertise the competition on Evernote's site, so will leave it at that. I will experiment with it this weekend, but I think it is the answer, with very similar functionality and added security for notebooks, allowing the capability to enter a password and then enjoy full functionality.

Quick explanation of my confusion on the word obfuscation: it implies an INTENTIONAL obscuring or clouding of the facts. The only place I have done that is in this message, so that I am not abusing Evernote's hospitality by referring to competitive products directly.

Thanks again,

Jim

Link to comment
  • Level 5*

I'd be interested in hearing about the competition as well. I don't think Evernote minds. This is a user forum. I'll assume for the sake of argument that you are talking about OneNote. A lot of Evernote users also use that, so they might be able to comment more on its password capabilities.

For my use (probably different than yours) I want something that is accessible across several platforms (at least mac, windows, and ios) and has plenty of online storage (otherwise, there is no point for me in using it). I had to leave OneNote behind years ago, because it doesn't achieve either of these well, even with its recent iOS support. But, it is a fine program, certainly a pioneering one, and really well-made.

Link to comment

Our discussion boards are a lively place, where people are free to discuss all the products that they find useful to help them in their daily lives. Evernote isn't always the best fit for every task, and we realize that, so as you can see from the posts above mine, our users are happy to point out the benefits of competing (and coexisting) products.

As for password protected notebooks - one of the major benefits of Evernote is our indexing system. That is what sets us apart from everyone else in the industry. If we can't index your data for searching, we honestly don't understand why you would want to use our product instead of anyone else's. It basically just turns us into file storage.

Yes, it will sync your files to another platform, but so will Dropbox, and a bunch of other products, and you wouldn't be able to search with them either.

So - if you don't want us to search through your data by password protecting it, what makes you want to use Evernote as your "cloud storage provider"? We limit your filesize to 50MB. We limit your upload quota to 1GB a month, and charge $5 a month for each GB over that.

We're not trying to be arrogant, we just don't understand the usefulness.

One or two files here and there, sure (password protected PDFs.) A few bits of encrypted text. But entire notebooks? Other programs do it already, and better.

Link to comment
  • Level 5*

@heather

actually, i have to disagree with you here. the ability to encrypt an entire notebook would be quite nice.

1. would i put everything in there? no. as you said, it wouldn't be indexed.

2. would it be more convenient? undoubtedly. encrypting each note individually is quite a pain. and, currently you have to open up a separate application (like adobe) to encrypt the contents of attached files.

3. would it make evernote more useful? yes, because i cannot encrypt files in evernote on many platforms. encryption is actually impossible for me weeks at a time, because i do not have my osx laptop with me.

4. why not use dropbox? i don't need or want evernote to index my medical records, or materials with the sensitive information of third parties. i want it all in one place and accessible (note links or title searches), though. dropbox places it out of reach, especially if you travel and do not have an internet connection.

5. is this high priority? not for me. i would like it, of course, but there are many parity issues i want to see evernote address first.

Link to comment
  • Level 5*

As for password protected notebooks - one of the major benefits of Evernote is our indexing system. That is what sets us apart from everyone else in the industry. If we can't index your data for searching, we honestly don't understand why you would want to use our product instead of anyone else's. It basically just turns us into file storage.

I'm not sure what password protecting a notebook fully implies, but let's assume for a moment that it means you encrypt the Note contents, but NOT the Note metadata.

If so, then EN searching could still be very powerful/useful as you can search for tags, title, dates, and other metadata.

So, we could have a Notebook whose Notes contents are more secure while still allowing useful searching.

Just a thought.

Link to comment
  • Level 5*

At a guess, someone who would want to encrypt a note's contents would also want to encrypt its metadata, as metadata can carry private information as well, e.g. Title, tags, geographic location. Is search text (as from images) considered to be metadata as well? It's hidden from users, but it is part of a note's ENEX content.

Link to comment
  • Level 5*

the title (120203 grumpy monkey bowel movements) would not necessarily have any sensitive data in it. the metadata just tells where i made the note, the tags, and so forth. i would prefer if this wasn't hidden. i guess i consider the metadata to be separate from the actual content of the note (text or file attachment).

Link to comment
  • Level 5*

At a guess, someone who would want to encrypt a note's contents would also want to encrypt its metadata, as metadata can carry private information as well, e.g. Title, tags, geographic location. Is search text (as from images) considered to be metadata as well? It's hidden from users, but it is part of a note's ENEX content.

Perhaps that is how you would want it, but I think there are definitely a number of use cases where ONLY the Note content/attachment would be sensitive.

For example: Bank Statements and other financial statements.

My Title of "Bank ABC Jan 2012 Statement" and tags of "Financial" and "Bank" are not at all sensitive.

And let's not get technical here. Note "Content" means content from the User's perspective -- not how EN manages the note data.

Link to comment

the title (120203 grumpy monkey bowel movements) would not necessarily have any sensitive data in it. the metadata just tells where i made the note, the tags, and so forth. i would prefer if this wasn't hidden. i guess i consider the metadata to be separate from the actual content of the note (text or file attachment).

:o TMI.

I can appreciate if people want all their data in one place. But IME, that's rarely, if ever, happened & probably never will. I don't store most of my photo scans/digital photos in Evernote. That's on my hard drive & my Amazon S3 cloud. The photos are organized with ACDSee Photo Manager.

My passwords are not in Evernote. They are stored in SplashID - been using that app for about five years.

My home movies/videos are not in Evernote. Primarily due to size. Most of them aren't backed up in the cloud, again due to size. The sheer volume & size makes uploading from a Cox high speed internet access in a residential home prohibitive, and the pricing/cost as well. So no cloud for them. However, they do get backed up to Western Digital Passport USB drives & stored in my safe deposit box.

My music is not stored in Evernote. iTunes is the organizer & the music is uploaded to my Amazon S3 cloud.

I'm one who prefers to use the best tool for the task. Yes, it would be nifty to have everything in one app. But like I said, I've never had the luxury of being in that position & don't see it happening anytime soon. So I fully agree with Heather when she says "If we can't index your data for searching, we honestly don't understand why you would want to use our product instead of anyone else's."

Link to comment
  • Level 5*

Um, "At a guess", means I don't really know. As it happens, I don't really have a preference either way, since I don't use Evernote's encryption facilities. But people who care about security tend to really *really* care about security, and it's certainly something worth considering.

Oh, by all means, let's not get technical here, because security is not a technical subject. Oh right, I was merely asking a question about whether such information ought to be encrypted as well.

Link to comment
  • Level 5*

Or just don't do it at all, tell everyone that you aren't going to do it and then let users decide for themselves what they want to do.

A halfway house will just lead to confusion I'm sure.

Link to comment

For All. I said password and encryption, but didn't form the thought fully for you. I was interested in password encrypted notebooks in the cloud. As someone picked up, my alternative right now is to password encrypt the pdfs. But this does remove some functionality. I would love to click on a certain notebook called "medical", type a strong password, and have all my notes, records, and such pop up with full functionality. As a first step, the pin function now available on IPAD for all devices would help.

Heather's mentioned this, but if the whole notebook was encrypted, then we wouldn't be able to offer full functionality on it. Or we'd do some hardcore encrypting/decrypting all the time for all the data in there. If we just offer password protection, your files are still on your hard drive and accessible outside of Evernote.

There is the possibility of encrypting note content (note body, attachments) and not the metadata (note title, tags, created date, creation source, etc). It is an interesting middle ground. I'm not sure it is something that I'd be completely happy with, but maybe I'd use it sometimes.

Link to comment

Or just don't do it at all, tell everyone that you aren't going to do it and then let users decide for themselves what they want to do.

A halfway house will just lead to confusion I'm sure.

Yeah, there is the concern that we'd say we do encryption and someone doesn't realize note titles will be available and accidentally exposes sensitive information. Tough balancing act.

Link to comment
  • Level 5*

the title (120203 grumpy monkey bowel movements) would not necessarily have any sensitive data in it. the metadata just tells where i made the note, the tags, and so forth. i would prefer if this wasn't hidden. i guess i consider the metadata to be separate from the actual content of the note (text or file attachment).

:o TMI.

I can appreciate if people want all their data in one place. But IME, that's rarely, if ever, happened & probably never will. I don't store most of my photo scans/digital photos in Evernote. That's on my hard drive & my Amazon S3 cloud. The photos are organized with ACDSee Photo Manager.

My passwords are not in Evernote. They are stored in SplashID - been using that app for about five years.

My home movies/videos are not in Evernote. Primarily due to size. Most of them aren't backed up in the cloud, again due to size. The sheer volume & size makes uploading from a Cox high speed internet access in a residential home prohibitive, and the pricing/cost as well. So no cloud for them. However, they do get backed up to Western Digital Passport USB drives & stored in my safe deposit box.

My music is not stored in Evernote. iTunes is the organizer & the music is uploaded to my Amazon S3 cloud.

I'm one who prefers to use the best tool for the task. Yes, it would be nifty to have everything in one app. But like I said, I've never had the luxury of being in that position & don't see it happening anytime soon. So I fully agree with Heather when she says "If we can't index your data for searching, we honestly don't understand why you would want to use our product instead of anyone else's."

bm documentation ok (hopefully, with titles and metadata--you and heather may not get the value, but i do!).

bm photography, so-so.

bm videos no.

bm physical specimens, no.

i can live with that :)

Link to comment

I've been waiting for Evernote to take security seriously for over one year. Until now, I've only taken the liberty to set a couple of YouTube users straight (privately) about the serious security implications of using Evernote for business purposes without DB encryption in the back-end. But nonetheless, non-technical users seem to ignore the true depth of risks and liabilities of increasingly using cloud-based applications even when news of network penetration and identity theft becomes more common.

I'm a Network Administrator, currently striving for a specialization in network security. Not an expert by a long shot, but I have to follow the industry trends up on a regular basis.

I remember seeing in the WSJ an article about the CEO of Evernote asking users why they don't use his application more. I tell you why users shouldn't use it yet... security.

I regrettably read that lots of users in this thread claim security is not their priority. Good for them. However, security shouldn't be an "add-on" feature. Instead it should be built into the most basic design from inception. Otherwise, you'll end up like the DoD, losing millions of dollars of equipment and possibly technology patents because they failed to implement encryption (on drones recently hacked and stolen by Iran). I bet someone in the defense contractor company said, "we just don't understand the usefulness" of encrypting our drones. I'll show you how your privacy might be at risk only by following the suggestions of Evernote's team besides the occasional condescending argument.

Not long ago, I saw a testimonial video from a K-12 student who claimed he used Evernote for everything in his last year in HS. I hope he didn't use it to keep FAFSA related info, or scholarship applications.

Then another video of a teacher who encouraged his class to submit assignments and give lectures, etc. The Mountclair Kimberley Academy seems to be increasingly using Evernote in their curriculum. Evernote is becoming a collaboration tool, much like SharePoint or AlFresco is used in the enterprise world. But yet, it seems that the devs haven't grasped the idea of how their tool, as simple as it is, can someday become the default document sharing and archiving application. I wouldn't call it a platform yet, simply because unlike SharePoint, security is not an integral part of the mix but rather a secondary feature around here. I hope you do explain to these fine institutions and users who appear in video that any and all data is clear in the back-end and therefore understand the risk of putting their name and reputation out there.

Let me ask you, how would you like your kid to send an athletic, administrative or academic application via Evernote with his/her S.S.N. on it and end up leaked out when one of your servers gets hacked or penetrated by an insider? Please don't attempt to explain how an inside job can't happen because of your physical security measures, any security consultant will argue that although less likely to happen statistically speaking, it can be far more devastating than an external attack if it ever does happen. Not only that, but as Sony's PSN fiasco of 2011 showed, as soon as an external attack gets past the firewall, (lots of times thanks to the unintended help of employee's computer practices), finding and exploiting non-encrypted data is fair game.

On the "8 Great Ways Couples Can Use Shared Notebooks" article, you suggested to upload and share the following:

  • Traveling Plans: Really... users should feel safe having itineraries, route maps, and other documents for easy access without encryption in the back end? Governments as well as criminal groups would have a field day if they can get access to DBs full of this info about their dissidents and people of interest; just ask Google and their Chinese government run-in a couple of years ago. Also, the icons on the website show an image of a passport, and although it's not enumerated in the lists, some people might feel encouraged to scan their passport into an unencrypted DB.
  • Shopping and To-Do-Lists: It may sound like low risk, but think about people who might actually put their medication list on EN to remember to have them picked up at their pharmacy. Now, that's something lots of people won't want to share with the world.
  • Sharing information about your kids... "class rosters to sports practices, vaccinations to everything in between": Really?... Seriously? I bet those parents who had their kids taken away legally wouldn't mind getting a hold of these. I'm sure it escapes everyone's minds since we never hear about this, but "there are" people out there under witness protection whose privacy is paramount.
  • Doing your taxes: This is why I was mostly interested in EN. I wouldn't mind paying to have receipts OCRed and then indexed by year for my sales taxes, medical expenses or education expenses deductions. But guess what? Should I mention why having tax information in Evernote is a bad idea? It runs along the lines of clear non-encrypted DB.

I shouldn't mention to those small business owners (especially in healthcare and accounting fields) that entrusting their clients' information to a company that is not HIPAA or Sarbanes-Oxley compliant is a very bad idea. They would be liable for damages if their information is compromised. Evernote as a company could also be liable for suggesting and promoting the use of a service that could potentially endanger institutions and companies.

I would also suggest inventors in need of taking notes to stay away from applications which could make them vulnerable to patent, copyright and trademark losses. It's their livelihood that's at stake and it would really suck if someone gets a hold of their next big idea before they are able to lock them on their name.

So how many types of users did we just exclude or alienate there?

As you can see, there are many "useful" instances where encryption and user privacy protection is of utmost importance. Now, encryption should be simple enough to be done at the client side before it leaves to the server. Yes, it would stop you from going through the user's data, but that's the whole point of privacy, right? :) Indexing and OCR can be done at the client-side while the password/token is in memory. It's true what Heather mentioned, there are other programs that can do this much better than EN... at least in the small business and enterprise environment. But it's not your indexing that separates you from the crowd, it's the inability of EN to do encryption, OCR and Indexing seamlessly at the same time. Now, what makes EN most attractive to users like myself is the fact that an individual can use the tool, without committing hundreds of dollars in a server-client application that we would have to maintain.

Client-side PDF encryption is a good 1st step, but still a workaround. Workarounds are not true solutions, but rather they should be seen as temporary fixes to those issues we don't have the expertise to resolve yet.

I (in my narrowly limited mind) only see two solutions to this issue: 1) Get better engineering to put security at the forefront of the application for the sake of those (regardless of how many) who use it in the ways you suggest, or 2) get a hell of an attorney and have it on a call basis.

Link to comment
  • Level 5*

Or let users know what is available and let them decide for themselves whether the service meets their requirements. If it doesn't then of course they should and are able to go and use something else.

Link to comment
  • Level 5

For a consumer based software program, I found this article on Evernote to be helpful and easy to read.

Is Your Data Safe In Evernote

http://michaelhyatt....n-evernote.html

The takeaway line: "There are no absolute guarantees in the world of digital media and cloud storage, but this is compelling enough to me."

He also mentioned that if you need more security, try TrueCrypt.

Back on March 26, 2009 Evernote employee Dave Engberg mentioned the following:

"I personally feel that Evernote is appropriate to store things that you'd be willing to send over email via a high-end email provider. I.e. if you have something that you absolutely would never want to be stored "in the Internet" anywhere, then you wouldn't send it to someone via email, and you wouldn't store it in your Evernote account."


My interpretation of similar comments is that Evernote is for personal use. Corporations might use it, but need to be cautious. It is not an enterprise type software program.

Link to comment

Or let users know what is available and let them decide for themselves whether the service meets their requirements. If it doesn't then of course they should and are able to go and use something else.

That scenario is covered under my 2nd option, as they would still need a lawyer if a breach happens.

If that's the option they decide to take, then they need to make sure the suggested use of the application won't put users at risk. At this moment, it just doesn't look ethical or even honest to tell your users to put tax or any of the other information in their servers with no encryption protection. It just creates a false sense of security, which is much worse than non-security.

@ Reaver, I've read the http://michaelhyatt....n-evernote.html article before. I think I've commented there before. Simply put, the person who wrote the article is not a security expert as the issue of database encryption was completely ignored... again creating a false sense of security when the issue is a huge red target on Evernote's servers.

Using Evernote in a local database, encrypted in the local HDD takes away from the attractiveness I mentioned of the server-client architecture cloud provides. If the answer to server security is, "don't use our servers" again it falls under option #2 of my first post.

The CEO should have realized by now that security is the awkward blue elephant in the room for many Evernote would-be users. Not whether their aging Blackberry or HP WebOS device can access the service. If he doesn't realize this is a valid reason for users not to flock to his service as an integrated document archiving service, then too bad.

Link to comment

I regrettably read that lots of users in this thread claim security is not their priority. Good for them. However, security shouldn't be an "add-on" feature. Instead it should be built into the most basic design from inception.

While I find security a priority issue with me, I find your post not applicable to Evernote, no matter how much you want it to be. IMO, yes, a USER should ultimately be responsible for his/her own data. Not each & every individual app they may use. Additionally, security must be balanced with usability. I could live in a steel lined cave with a gazillion locks on the door in order to feel safe. But would I? No. Pretty much everything else I have to say on the subject has been already posted, so I'm not going to repost them intertwined with your postings.

Until now, I've only taken the liberty to set a couple of YouTube users straight (privately)

Yay for you.

get a hell of an attorney and have it on a call basis.

This gets the drama queen vote for the week.

Link to comment

Security and privacy are extremely important topics for Evernote users, and for good reason. Evernote would like to provide a single service to manage your memories for many years. To achieve this, we must provide a very high level of system and data security while offering users a variety of choices to manage their own privacy requirements. Here's a high-level overview of some of the ways in which your data is protected by Evernote.

  • When you add a note to the service, it is secured like your email would be at a high-end email provider. This means that your notes are stored in a private, locked cage at a guarded data center that can only be accessed by a small number of Evernote operations personnel. Administrative maintenance on these servers can only be performed through secure, encrypted communications by the same set of people. All network access to these servers is similarly protected by a set of firewalls and hardened servers.

  • User data is not publicly accessible (e.g. via search engines) unless a user explicitly publishes one or more of their notebooks, in which case they may be accessed by other users.

  • Your login information is only transmitted to the servers in encrypted form over SSL, and your passwords are not directly stored on any of our systems.

  • And, for all of our members, all note data is transferred over SSL, not just your login credentials.

We also offer enhanced privacy options that would not be available from services like email:

  • If you have sensitive text that you would like to remember (passwords, PINs, credit card numbers), you can encrypt that text in our clients using a passphrase that is never transmitted to Evernote. This encrypted text can only be decrypted and read on one of your computers after you’ve re-entered the encryption passphrase. The sensitive text is not readable on our servers or on your computer by anyone who does not know the passphrase.

  • If you have some notes that you only want to access from a single computer, you can place these into a “Local Notebook” on our Windows or Mac client. Notes in a Local Notebook are never transmitted to our service, so they aren’t accessible from the web, or from your other computers. This may allow a greater level of privacy for some notes, at the expense of the accessibility and reliability you would get from a private note on the service.

We recognize that user choice is an important component of privacy and security. We believe that no single option is going to meet the needs of all users, so we aim to offer a set of tools that let people balance their needs for accessibility, privacy and control.

Several of the company's founders (myself included) come from a strong encryption background (founders of CoreStreet, acquired by ActiveIdentity). For Evernote's consumer product, the current encryption algorithms are chosen more for exportability under the Commerce Department rather than strength, since our software permits the encryption of arbitrary user data with no escrow.

We'd be interested in offering something stronger in the future when we have the staffing to fight the lengthy export battle, but until then, we continue to advise users to use an external encryption solution to encrypt important files and then add these encrypted into Evernote.

Link to comment

While I find security a priority issue with me, I find your post not applicable to Evernote, no matter how much you want it to be. IMO, yes, a USER should ultimately be responsible for his/her own data. Not each & every individual app they may use.

Users should not be responsible for data once it leaves their client-side. There is no way a user can predict or prevent a breach on the server-side. That demarc point is important, especially in court.

Additionally, security must be balanced with usability. I could live in a steel lined cave with a gazillion locks on the door in order to feel safe. But would I? No.

You seem to think that security of any kind is just futile. Although it is well known that even perfectly layered security is penetrable one way or the other, the whole purpose is to discourage attackers by making it hard to get through. Database encryption with 128 bits would force the attacker to guess between 1 and 1^38 (1 followed by 38 zeros) or 149.7 trillion years to brute force the crypto key. Now... would it be worth it for anyone to spend 150 trillion years to do this? NO. :)

I offered a suggestion worth pursuing about doing OCR and Indexing when the key is in the clear at the client side. That's what LastPass, DocsVault and even DA Document Manager for WHS (in a limited way) do. Again, there are solutions when they are pursued, not when they are shut down with a lazy excuse of the "not practical" kind.

Yay for you.

What kind of comment is that? I tell you which one, a condescending one. Ignorance is bliss.

This gets the drama queen vote for the week.

Another ignorant comment that doesn't add to the discussion of a serious concern. Maybe you should stay away from contributing to this type of discussion. It certainly doesn't make other users feel welcome in your community, something the OP predicted.

------------

@ Heather: Unfortunately, no one is putting data transmission or physical access to the servers in doubt. The problem is, without database encryption, it doesn't matter what type of measures you have in place physically or in client-server transmission. If only one node of your servers is compromised, it's all over. Just look at Sony's example I provided. Then all the info your company suggested by admission for your users to upload to those servers is compromised. I'm aware of the work Phil did in Engine 5 and CoreStreet, and that's even more reason why it amazes me that database encryption seems to be such a hard nut to crack in EN. In addition, I'm not sure if you are aware that many companies decide to offer strong encryption to US/Canada users only, to avoid export issues. Bringing the standard down across the board seems as much of a bad idea as not encrypting databases.

Link to comment

Our work at CoreStreet (and previously, with other branches of government), actually made us *truly* understand the concept of personal liability.

You mention the Sony Playstation issue - there are other famous cloud security breaches as well. There seems to be another every week. We're very transparent here at Evernote. We are honest and up-front about our limitations. We attempt to clearly explain the limitations of cloud security to our users, loudly and often. Not just for Evernote, but for all cloud companies.

And for this reason, we explain to users the importance of thinking about what they're placing in the cloud, whether it be in our service or another, and explain how to take the personal responsibility to protect their data when they do so.

Link to comment

Our work at CoreStreet (and previously, with other branches of government), actually made us *truly* understand the concept of personal liability.

You mention the Sony Playstation issue - there are other famous cloud security breaches as well. There seems to be another every week. We're very transparent here at Evernote. We are honest and up-front about our limitations. We attempt to clearly explain the limitations of cloud security to our users, loudly and often. Not just for Evernote, but for all cloud companies.

And for this reason, we explain to users the importance of thinking about what they're placing in the cloud, whether it be in our service or another, and explain how to take the personal responsibility to protect their data when they do so.

Yet, you recommend users to upload tax information (and all other information I mentioned in my first post) in your program. That just doesn't make sense. Could you please explain why you are recommending users to upload taxes, location (trip itinerary and routes), identifiable documents such as passports and also recommend schools to put our kids' info in an application that by your own admission is "limited" in security? http://blog.evernote...ared-notebooks/

I highly doubt the MK Academy will be able to make sure students don't add personal identifiable information in Evernotes, but I guess that's their problem if you get breached.

Link to comment
  • Level 5*

@heather: In light of this recent discussion, do you have any comments on my idea to provide for encrypted Note Content for user selected Notebooks?

The way I am reading your statements in this thread is that we should NOT put any info into Evernote that could cause us harm if it were obtained by an unauthorized party.

  • The potential harm is difficult and time consuming to determine on a case by case basis.
  • So I think this means just EXCLUDING ALL financial, legal, medical, business sensitive, and personally sensitive documents and information.

This likely covers a big chunk of our "memories" that we would like to store in Evernote, but we are now afraid to do so.

As for password protected notebooks - one of the major benefits of Evernote is our indexing system. That is what sets us apart from everyone else in the industry. If we can't index your data for searching, we honestly don't understand why you would want to use our product instead of anyone else's. It basically just turns us into file storage.

I'm not sure what password protecting a notebook fully implies, but let's assume for a moment that it means you encrypt the Note contents, but NOT the Note metadata.

If so, then EN searching could still be very powerful/useful as you can search for tags, title, dates, and other metadata.

So, we could have a Notebook whose Notes contents are more secure while still allowing useful searching.

Just a thought.

There is the possibility of encrypting note content (note body, attachments) and not the metadata (note title, tags, created date, creation source, etc). It is an interesting middle ground. I'm not sure it is something that I'd be completely happy with, but maybe I'd use it sometimes.

EDIT: Added a huge category of "memories" I forgot: Medical

Link to comment

I store all of these documents you've mentioned within Evernote (and you can find me saying so on these boards, all the way back to 2008, when I first got here.) Any text that I deem sensitive, I encrypt. Any PDFs that I would consider sensitive, I encrypt before adding. I've also recommended all of this, many times on here, and have directed my Support team to do the same. Our Evangelists also recommend the same "mantra", not because we've asked them to (they're their own people), but because it's just good sense.

There are "cute" posts on our blog, and there's also our tech blog, and more security centric posts. Not *every* post we make needs to remind everyone to practice common sense.

Link to comment

I store all of these documents you've mentioned within Evernote (and you can find me saying so on these boards, all the way back to 2008, when I first got here.) Any text that I deem sensitive, I encrypt. Any PDFs that I would consider sensitive, I encrypt before adding. I've also recommended all of this, many times on here, and have directed my Support team to do the same. Our Evangelists also recommend the same "mantra", not because we've asked them to (they're their own people), but because it's just good sense.

There are "cute" posts on our blog, and there's also our tech blog, and more security centric posts. Not *every* post we make needs to remind everyone to practice common sense.

Heather, I would suggest, putting a nice disclaimer in those "cute" posts that most users will read. End-users don't care about the security posts where I found most useful information, however they still need to be made aware of the risk they run if they don't encrypt PDFs before uploading. You see, educating users of risks and limitations should not be limited to obscure technical blogs and forum postings that need to be researched. Anything less is just playing with the non-technical user's trust and I find it unacceptable. Personally I don't care about the evangelists, fanboys are fanboys regardless of labels and they isolate those non-fanboys (yet hopeful) users fairly quickly.

There is, as I think some other people have mentioned here, a good opportunity for Evernote to become an all-inclusive integrated memory archiving system. However, that won't happen (and I think it shouldn't happen) unless encryption security is integrated in the upload process and at server-side storage. I also think the same way as other users who mention that encrypting documents (PDF, attachments, etc..) individually is just awkward. Believe me, my wife and I (and hopefully someday my daughter as well) want to use Evernote to save our memories in the cloud, but if we have to encrypt one memory at a time, then... I'll have to stick with my aging Windows Home Server.

Link to comment
  • Level 5*

Yawn, really...take responsibility for yourselves. Read about what Evernote offers, if it's good enough for you then use it. If it isn't then don't.

Fanboys!!! Straight to the top of my favourite posters.

Link to comment
  • Level 5*
Fanboys!!! Straight to the top of my favourite posters.

*sigh* They never learn -- it's always so much more cutting when they use "fanboi" instead of "fanboy". I am thinking of changing my forum moniker to "Evernote Fanboy", though.

Ah well, prediction: He disappears over time. He's not an idiot, probably not altogether wrong, but he has his stance on security and Evernote has theirs. His point is made, and ranting to no avail in the forum can wear thin. It's fun and righteous and all that, but after a while...

In the meantime, the rest of us Evernote users will go on using Evernote as we have to date. Encrypt your stuff when it makes sense, leave it alone when it's not needed.

Link to comment
  • Level 5*

Yawn, really...take responsibility for yourselves. Read about what Evernote offers, if it's good enough for you then use it. If it isn't then don't.

Fanboys!!! Straight to the top of my favourite posters.

Thank you for making my point. :)

You made your point, and at some considerable length; unfortunately for you, with the exception of the Fanboys and Evernote staff, very few people seem to care enough to even post in here.

Guessing you misjudged something somewhere along the line....

Link to comment

You made your point, and at some considerable length; unfortunately for you, with the exception of the Fanboys and Evernote staff, very few people seem to care enough to even post in here.

Guessing you misjudged something somewhere along the line....

I mentioned in the first post that most people are oblivious to the depth of the issue. I don't expect them to care about it, until their information is stolen right out of EN's servers which at that point, it would be too late. Does that mean the problem doesn't exist? Hardly so.

In addition, security concerns have been voiced in your forum for a while now; it's not a rare occurrence by any means. Most of them are shut down by Evans and even Staff who fail to realize the value integrated security improvements would give to the application.

Recently, Phil voiced his concern that most people signing up for Evernote don't stay and move on. I think an increasing number of those people will realize the huge security hole in the back of Evernote as a cloud service and move on without saying much. Evernote's ability to grow as a platform will be measured in their willingness to cater to all users, not just those who want to share recipes only, or have the time to encrypt every other document they want to upload.

Link to comment
  • Level 5

Recently, Phil voiced his concern that most people signing up for Evernote don't stay and move on. I think an increasing number of those people will realize the huge security hole in the back of Evernote as a cloud service and move on without saying much. Evernote's ability to grow as a platform will be measured in their willingness to cater to all users, not just those who want to share recipes only, or have the time to encrypt every other document they want to upload.

Following is from the December issue of Inc Magazine naming their Company of the Year: Evernote.

Then Libin showed activity rates, or, roughly, how often an average user was actually using Evernote over time. For many software companies, that curve runs relentlessly downward. Most people who try an app abandon it pretty quickly or use it less frequently as time goes on.

But for Evernote, the curve was a smile. There was a slight drop-off in usage after the first few months, but then it went up again—not only because active users were finding the service more and more useful, but also because customers who had stopped using the service were returning to it. People who left Evernote missed it.

Morgenthaler invested. So did Sequoia Capital, another top Silicon Valley VC firm. So did other VCs. Altogether, Evernote has raised $95 million. "We didn't need most of the money," says Libin. "But that's when you can get it, so we took it." Evernote didn't need it because the company became profitable early in 2011, not long before hitting 10 million users and reaching annual sales of about $16 million.

Latest number I've seen is that Evernote's "ability to grow" is doing very well. They have over 20 million users now..

Link to comment
  • Level 5*

I've been waiting for Evernote to take security seriously for over one year.... I shouldn't mention to those small business owners (especially in healthcare and accounting fields) that entrusting their client's information in a company that is not HIPAA or Sarbanes-Oxley compliant is a very bad idea. ....I (in my narrowly limited mind) only see two solutions to this issue: 1) Get better engineering to put security at the forefront of the application for the sake of those (regardless of how many) who use it in the ways you suggest, or 2) get a hell of an attorney and have it on a call basis.

thanks for offering us a really thought-out position on security and evernote. i think you made some good points, but they were all based on the assumption that client-side encryption/protection is a poor solution to security issues. heather has provided concrete details about security procedures at evernote showing that they take it seriously and are quite familiar with security issues. it has also come up in other threads in the forums, and i remain unconvinced that the current system is a problem. i wouldn't mind more security. i've asked for more in other threads. but, there is nothing "wrong" with the current system as far as i can tell.

you can justifiably disagree with their decision to leave the burden of protecting sensitive data on users, but i want to stress that this is neither neglect of customer needs (as you imply in your final point #1) nor illegal (as you imply in point #2). it is a policy, and one that is not terribly far removed from that of your email service provider. you need to take the same precautions with evernote as you would with any email.

this seems fair and responsible to me. if you could be more specific in your accusations, particularly the illegality of their suggestions for how to use evernote, i think we could have a more fruitful discussion. for example, you mentioned hipaa, but to the best of my knowledge, the medical community is well-aware that evernote is inadequate if you plan to meet these guidelines. evernote does not claim to be compliant with hipaa guidelines, and if i am not mistaken, they have specifically addressed the issue by saying they do not plan to become compliant. in other words, they have taken a responsible position in making the limitations of their service clear. right?

Link to comment

Recently, Phil voiced his concern that most people signing up for Evernote don't stay and move on. I think an increasing number of those people will realize the huge security hole in the back of Evernote as a cloud service and move on without saying much. Evernote's ability to grow as a platform will be measured in their willingness to cater to all users, not just those who want to share recipes only, or have the time to encrypt every other document they want to upload.

Following is from the December issue of Inc Magazine naming their Company of the Year: Evernote.

Then Libin showed activity rates, or, roughly, how often an average user was actually using Evernote over time. For many software companies, that curve runs relentlessly downward. Most people who try an app abandon it pretty quickly or use it less frequently as time goes on.

But for Evernote, the curve was a smile. There was a slight drop-off in usage after the first few months, but then it went up again—not only because active users were finding the service more and more useful, but also because customers who had stopped using the service were returning to it. People who left Evernote missed it.

Morgenthaler invested. So did Sequoia Capital, another top Silicon Valley VC firm. So did other VCs. Altogether, Evernote has raised $95 million. "We didn't need most of the money," says Libin. "But that's when you can get it, so we took it." Evernote didn't need it because the company became profitable early in 2011, not long before hitting 10 million users and reaching annual sales of about $16 million.

Latest number I've seen is that Evernote's "ability to grow" is doing very well. They have over 20 million users now..

According to Devindra Hardawar from MobileBeat, a little over 1/3 of new accounts stay active in the application, although those who stay do find increased value as they use it more and more, and therefore generate revenue:

The March 2008 cohort, for example, consisted of 31,334 users. By June 2008, only 11,000 of those users remained, and the company earned a measly $700 from them in that month. But by January 2011, those users ended up contributing over $10,000 in a month. That’s because users find Evernote more valuable the longer they use it, which leads them to subscribe to premium features.

Some of that money should have been used to ramp up security rather than acquire other start-ups, making a secure app ecosystem even more complex to tackle. They'll have to do this sooner or later and we know it.

http://venturebeat.c...-mobile-summit/

if you could be more specific in your accusations, particularly the illegality of their suggestions for how to use evernote, i think we could have a more fruitful discussion. for example, you mentioned hipaa, but to the best of my knowledge, the medical community is well-aware that evernote is inadequate if you plan to meet these guidelines. evernote does not claim to be compliant with hipaa guidelines, and if i am not mistaken, they have specifically addressed the issue by saying they do not plan to become compliant. in other words, they have taken a responsible position in making the limitations of their service clear. right?

Medical records are an issue when you have a psychologist on YouTube named Jeffrey A. Betman who says he uses the program. He doesn't specify whether he uses it for professional purposes, but he does infer he uses it constantly. That's a possible HIPAA issue there. There are other usages the company is aware are happening even though their security is not on par with industries like accounting (look up my links to articles in EN website) and law. On Facebook, Evernote presented a user profile for Andrew Flusche, a young and upcoming lawyer from Fredericksburg, VA who uses Evernote for everything, including client's info and apparently believes that's acceptable. Now, lots of you say you are confident you use Evernote safely, but... would you risk your lawyer using Evernote when it's your information that might be at risk as his client?

If Evernote is letting users know of their limitations and unwillingness to be secure, then they are doing a really bad job by sending mixed messages. Do you think there won't be legal complications if this young lawyer's client info is compromised? Legal issues would arise to both him and from him to Evernote. Not that it's illegal to be insecure in non-regulated industries, but it would be up to a judge to decide if Evernote did enough to prevent loss of data and possible financial damage to their users.

BTW, not sure if you guys had read this before, but Mary Landesman, an old-time telecom security expert from About.com had the following to say about Evernote's text/note encrypting abilities: http://antivirus.abo...evernotetip.htm

Premium users can highlight a portion of text notes for an additional layer of password protection, but third-party tests reveal that in the local database, the selected text still remains searchable in plain text. Further, whole notes, images, and notebooks cannot be encrypted. Of course, you could secure the local database using third-party encryption tools, but that would prevent access from other devices (and defeat the purpose of being "in-the-cloud").

Bottom line: storing unencrypted data on an Internet-facing server is not a great idea.

Link to comment
  • Level 5*

again, you raise important issues, but you haven't responded to my argument that evernote has taken a responsible position in making the limitations of their service clear. you continue to imply that evernote is somehow going to be criminally liable if someone misuses the service, but you provide no evidence for this beyond vague assertions.

specifically, if a lawyer, doctor, teacher, or other professional in possession of sensitive data uses evernote, then they need to do it with at least the same level of care they would exercise with their email service provider. evernote is no more "illegal" than email services. and, it makes no claims to be any more secure. in fact, evernote has explicitly compared themselves to such services, and made it clear that users are in charge of protecting their data in response to their individual situations.

1. jeff bateman. if he is storing records in evernote in violation of federal or state law, then he is at fault. not evernote. it is up to the user to decide what security precautions are necessary for their individual cases. for your own medical records, i would recommend encrypting the pdf before uploading it to evernote. for someone else's medical data, refer to hipaa or other guidelines and follow those. evernote may not be appropriate for your use case, but that decision is yours to make.

2. accounting and law. see #1.

3. facebook lawyer. see #1.

4. mixed messages. i couldn't find your links. could you repost them? if there is confusion out there, it ought to be addressed, but here is what evernote says:

https://support.evernote.com/link/portal/16051/16058/Article/1638/A-Brief-Overview-of-Evernote-Security

Evernote's service is primarily a consumer cloud memory service. This is reflected in our pricing model (free for most users with a single "Premium" tier of $45/year). While we're certainly happy to support professionals to use Evernote within their offices, we aren't actively pursuing an enterprise sales model (a la Salesforce.com).

As a consumer Internet service, we don't pursue enterprise certifications such as FISMA, HIPAA, etc. We manage our own servers at a Tier 3 data center (Quality Tech) in Santa Clara, which is itself SAS70 certified. All software and data is managed by Evernote's internal IT/Operations staff.

User data is not publicly accessible (e.g. via search engines) unless a user explicitly publishes one or more of their notebooks, in which case they may be accessed by other users.

http://blog.evernote.com/2008/04/15/evernote-privacy-and-security/

Security and privacy are extremely important topics for Evernote users, and for good reason. Evernote would like to provide a single service to manage your memories for many years. To achieve this, we must provide a very high level of system and data security while offering users a variety of choices to manage their own privacy requirements. Here is a high-level overview of some of the ways in which your data is protected by Evernote. When you add a note to the service, it is secured like your email would be at a high-end email provider. ....

i am sure there is more out there. about.com isn't my go-to site for information. can you provide another link that would support your claims (as i read your posts) that evernote is misleading customers and operating outside the law?

Link to comment
  • Level 5*

BTW, not sure if you guys had read this before, but Mary Landesman, an old-time telecom security expert from About.com had the following to say about Evernote's text/note encrypting abilities: http://antivirus.abo...evernotetip.htm

This article, Seven Deadly Sins: Evernote Tips You Should Avoid, by Mary Landesman, should be read by ALL Evernote users, IMO.

Each user can then make up their mind about what to store in Evernote.

It is a very clear and well-written article, and sticks to the facts as best as I can tell.

Ms. Landesman presents 7 Evernote Tips (which are apparently available elsewhere) which illustrate common uses of Evernote for storing info that could be at risk.

Bottom line: storing unencrypted data on an Internet-facing server is not a great idea. With that in mind, following are seven of the worst Evernote (or any cloud-based storage) tips:

  1. I'm a teacher. I use @evernote to create individual portfolio files for each student, documenting everything.
    Why it's bad: Compromise of the teacher's Evernote credentials potentially exposes sensitive details on students, who also likely happen to be minors. This tip is not only a security risk to those students, it potentially has legal ramifications for the teacher (and the school at which they teach).
  2. Store credit card statements.
    Why it's bad: Credit card statements often include the account number. Exposure could lead to increased risk of credit card fraud.
  3. Store login names and passwords for websites (tag with Login to see them all together)
    Why it's bad: Attackers who gain entry to your Evernote account now potentially have access to all your online accounts.
  4. Build family medical portfolios including medical history, allergies, pictures of medications, receipts.
    Why it's bad: In the past, cybercriminals who have stolen medical information have sometimes blackmailed the victims. Unless this is information you would feel comfortable sharing with friends, neighbors or even strangers, it is best not stored in-the-cloud.
  5. Keep family social security numbers (and other info) in an encrypted note for easy, secure access.
    Why it's bad: Exposure leaves your entire family at risk of identity theft. This type of sensitive information is best kept in a locked file cabinet, not in-the-cloud.
  6. Keep router/firewall settings (addresses, passwords, open/closed ports, etc.) handy and nearby.
    Why it's bad: Attackers who gain access can use this information to reconfigure DNS settings on your router or enable their own access to your network.
  7. Take a photo of your passport and send it to Evernote. If it's lost or stolen, you can still show the embassy your info.
    Why it's bad: A photo of your passport makes it that much easier for counterfeiting. A safer bet would be storing only the passport number (in encrypted form).

Link to comment
  • Level 5*

@JM

personally, i think the article is rather mean-spirited. it targets evernote, when the real target (as put in the parentheses) is cloud storage. it's like attacking ford for using highly flammable and explosive material to power its vehicles (gasoline) when it is really an issue for all vehicles using an internal combustion engine.

a fair article would have been written with gmail and other services in mind as well. in other words, it isn't a security issue at evernote, but a known and understood weakness of anything exposed to the internet.

i do agree that everyone ought to read it for the advice it gives. but, the article doesn't support the poster's point. in other words, the article tells you to be careful with what you store and how you store it, because evernote does not provide encryption. this is exactly what evernote says.

so, circling back, the poster is throwing about baseless allegations about the neglect (point #1) and illegality (point #2) of evernote's service.

Link to comment

Premium users can highlight a portion of text notes for an additional layer of password protection, but third-party tests reveal that in the local database, the selected text still remains searchable in plain text.

This is outdated and untrue. There was a bug, in one version of our beta clients, for a very short time, where this was happening. Now, if you export an .enex with the text encrypted, it remains encrypted.

However, if you have decrypted the text and export the note while the text has been encrypted, then yes, it will be exported in plain text. We're exporting the current note state.

Additionally, we rebuild the sqlite search index to remove encryption information once you encrypt that information from a note. It is removed from our servers once you sync.

Link to comment
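The "encrypted note body, cleartext metadata" middle ground proposed earlier in the thread, and the plaintext-in-the-local-index problem that Heather and the Landesman article describe, can both be shown in a few dozen lines. The following is an added example, not Evernote's code and not code from any poster: it assumes a hypothetical note table (title and tags in clear, body as ciphertext) in a local SQLite file, and uses a standard-library-only encrypt-then-MAC construction (HMAC-SHA256 as a keystream generator plus an HMAC tag, keys from PBKDF2) so that it runs anywhere; in real software a vetted AEAD such as AES-GCM from a crypto library is the right primitive. The last function scans the raw database bytes for body words, which is the check that catches a search index that still holds plaintext.

```python
"""Added example (not Evernote's implementation): a note whose body is
encrypted on the client before storage while title and tags stay in
clear for searching, plus a leak check over the raw SQLite file.
The cipher is a stdlib-only encrypt-then-MAC construction for
portability; use a vetted AEAD (e.g. AES-GCM) in production."""
import hashlib
import hmac
import os
import sqlite3
import tempfile

SALT_LEN = NONCE_LEN = 16
TAG_LEN = 32
PBKDF2_ROUNDS = 100_000


def derive_keys(passphrase: str, salt: bytes) -> tuple:
    """PBKDF2-SHA256 -> (encryption key, MAC key), 32 bytes each."""
    km = hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"), salt,
                             PBKDF2_ROUNDS, dklen=64)
    return km[:32], km[32:]


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Concatenate HMAC-SHA256(key, nonce || counter) blocks, cut to length."""
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_body(passphrase: str, plaintext: bytes) -> bytes:
    """Return salt || nonce || ciphertext || tag (tag covers salt+nonce+ct)."""
    salt, nonce = os.urandom(SALT_LEN), os.urandom(NONCE_LEN)
    enc_key, mac_key = derive_keys(passphrase, salt)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    return salt + nonce + ct + tag


def decrypt_body(passphrase: str, blob: bytes) -> bytes:
    """Verify the tag in constant time before decrypting; raise on mismatch."""
    if len(blob) < SALT_LEN + NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    salt = blob[:SALT_LEN]
    nonce = blob[SALT_LEN:SALT_LEN + NONCE_LEN]
    ct, tag = blob[SALT_LEN + NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    enc_key, mac_key = derive_keys(passphrase, salt)
    expected = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong passphrase or tampered data")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def store_note(db_path: str, title: str, tags: str, body_blob: bytes) -> None:
    """Hypothetical note table: metadata in clear, body only as ciphertext."""
    conn = sqlite3.connect(db_path)
    try:
        with conn:
            conn.execute("CREATE TABLE IF NOT EXISTS notes "
                         "(id INTEGER PRIMARY KEY, title TEXT, tags TEXT, body BLOB)")
            conn.execute("INSERT INTO notes (title, tags, body) VALUES (?, ?, ?)",
                         (title, tags, body_blob))
    finally:
        conn.close()


def find_by_tag(db_path: str, tag: str) -> list:
    """Search runs on the cleartext tags column; nothing is decrypted."""
    conn = sqlite3.connect(db_path)
    try:
        rows = conn.execute("SELECT title FROM notes WHERE ',' || tags || ',' LIKE ?",
                            ("%," + tag + ",%",)).fetchall()
    finally:
        conn.close()
    return [r[0] for r in rows]


def leaked_terms(db_path: str, terms: list) -> list:
    """Return every body term that appears verbatim in the raw database file."""
    with open(db_path, "rb") as fh:
        raw = fh.read()
    return [t for t in terms if t.encode("utf-8") in raw]


def demo(passphrase: str = "correct horse battery staple") -> dict:
    """Constructed sample: passport details in the body, travel tags in clear."""
    body = b"Passport ABC123456, issued in Bermuda, valid until next spring."
    body_words = ["ABC123456", "Bermuda", "Passport"]
    with tempfile.TemporaryDirectory() as tmp:
        db = os.path.join(tmp, "notes.sqlite")
        store_note(db, "Travel documents", "travel,identity",
                   encrypt_body(passphrase, body))
        hits = find_by_tag(db, "travel")
        leaked = leaked_terms(db, body_words)
        conn = sqlite3.connect(db)
        try:
            blob = conn.execute("SELECT body FROM notes").fetchone()[0]
        finally:
            conn.close()
    return {"found_by_tag": hits, "leaked": leaked,
            "roundtrip_ok": decrypt_body(passphrase, blob) == body}


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows the trade-off the thread is debating: the note is still found by tag without a key, the body words are absent from the file on disk, and the body only comes back with the right passphrase. If a client also built a full-text index over the body, the same `leaked_terms` scan would turn up the plaintext tokens, which is exactly what the About.com test reported for the old beta.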

@GrumpyMonkey, I'm not a judge, nor I claim to be. Therefore, I answered your question when I said, "it would be up to a judge to decide if Evernote did enough to prevent loss of data and possible financial damage to their users." Damage claims would be tested against laws such as the US Patriot Act, Electronic Communications Privacy Act, Children's Online Privacy Protection Act and the Gramm-Leach-Bliley Act. I'm not here to discuss legal technicalities since that's not my field. I'm sure EN's legal team has a much better grasp of their liabilities and responsibilities to the users from a legal standpoint.

I agree, professionals who use this service for non-personal work should be (and probably would be) liable based on their own practices. But I find it disconcerting that more and more sanctioned examples of EN usage provided by the company involve professional and institutional use. Security risk disclaimers should be attached to each and all of those examples, you know... just to remind professionals that this is an unencrypted internet-facing server infrastructure.

@Heather, thank you for setting the record straight. Your RP staff should probably send a note to Mary, so she can update the article on that one point.

Link to comment
  • Level 5*

@JM

personally, i think the article is rather mean-spirited. it targets evernote, when the real target (as put in the parentheses) is cloud storage. it's like attacking ford for using highly flammable and explosive material to power its vehicles (gasoline) when it is really an issue for all vehicles using an internal combustion engine.

Sorry, I don't see ANY "mean-spirited" language in this article. True, it is focused on Evernote, but there is nothing wrong with that.

Some reviews focus on a broad topic like "cloud based storage" while others focus on a specific product.

It appears to me that this was written in response to "Evernote Tips" that are being promoted on the Internet.

The author, correctly so IMO, says that some of these "tips" were in fact serious security risks and is trying to keep the public informed of such.

Forget about personalities. I don't care about proving or disproving any one person.

Let's focus on the real issue here: Evernote Security.

I do think that to a certain extent, Evernote has put mixed messages regarding security.

Clearly there are some Evernote articles and posts by Employees that state there is no encryption of Notes on the Server.

On the other hand, there are some Evernote Blogs, written by Evernote users but published by Evernote, that seem to imply/suggest that Evernote security is good enough for info that some of use would consider sensitive.

It is now pretty clear to me that I need to do what Heather says she does:

I store all of these documents you've mentioned within Evernote (and you can find me saying so on these boards, all the way back to 2008, when I first got here.) Anything text that I deem sensitive, I encrypt. Any PDFs that I would consider sensitive, I encrypt before adding.

As I said in an earlier post, this adds a lot of work/time to storing my "memories". I suppose I just have to either not store in Evernote cloud, or encrypt every sensitive document I put into Evernote.

This is where having a designated Notebook that all Notes are auto-encrypted would be a great help.

Link to comment
  • Level 5*

GrumpyMonkey, I'm not a judge, nor I claim to be. Therefore, I answered your question when I said, "it would be up to a judge to decide if Evernote did enough to prevent loss of data and possible financial damage to their users." Damage claims would be tested against laws such as the US Patriot Act, Electronic Communications Privacy Act, Children's Online Privacy Protection Act and the Gramm-Leach-Bliley Act. I'm not here to discuss legal technicalities since that's not my field. I'm sure EN's legal team has a much better grasp of their liabilities and responsibilities to the users from a legal standpoint.

my ex-girlfriend might be a lousy, conniving, lying, cheating, jerk. But, that would be up to you to decide... :(

I agree, professionals who use this service for non-personal work should be (and probably would be) liable based on their own practices. But I find it disconcerting that more and more sanctioned examples of EN usage provided by the company involve professional and institutional use. Security risk disclaimers should be attached to each and all of those examples, you know... just to remind professionals that this is an unencrypted internet-facing server infrastructure.

i don't find evernote promoting their product for professionals to be disconcerting. i do think it would be a very good idea for evernote to provide advice (not security risk disclaimers) about proper practices in each tip/blog post.

Link to comment

my ex-girlfriend might be a lousy, conniving, lying, cheating, jerk. But, that would be up to you to decide... :)

She sounds like a real *****. Feel sorry for you. :(

---------

Anyways, about the actual security concerns.

I think no one has answered yet JMichael's question about allowing at least partial server-side DB encryption in notebooks. Is it, or is it not, feasible (even at some point in the future) to allow mass encryption rather than relying on end-user know-how? It would potentially save a lot of time for users and offer more value for professionals and institutions.

Link to comment
  • Level 5*

@Heather: One of the main points I have learned from this discussion is that there needs to be an improved user awareness of the limitations of Evernote security.

To that end, you may want to consider including a statement in several prominent places on your web site, and in ALL blogs something like this:

Your Notes and Attachments are not encrypted on our servers, so you may not want to store text/attachments that are sensitive without first taking some precautions on your end. For more info see Evernote Security.
Link to comment
  • Level 5*

no, no, no! she isn't an offensive word ;)

it was a joke obliquely pointing out that the way you phrased your comments about evernote were actually attacks on the service. it's a rhetorical device (fallacy of presupposition?) people use to avoid making a claim directly.

in other words, if you don't have any evidence to back up a claim, then you would be better off not suggesting that evernote get lawyers or that evernote "might" be sued.

Link to comment

Archived

This topic is now archived and is closed to further replies.
