
(Archived) REQUEST: Additional encryption options for notebooks and syncing




i am sure evernote has reasons. if i were them, i'd be glad i don't have the responsibility of encrypting and protecting everything. leaving that responsibility to the customer surely relieves them of a huge burden, and allows them to focus on other aspects of the product.

still, it is good to express your opinion and give them an idea of what we desire. if they listen (they seem to), great. if they listen and implement, even better.

i would suggest that a super premium account with added security for professionals would be a worthwhile project, though. might as well make money off of our paranoia :)

Link to comment
if i were them, i'd be glad i don't have the responsibility of encrypting and protecting everything. leaving that responsibility to the customer surely relieves them of a huge burden, and allows them to focus on other aspects of the product.

Two points:

  1. Nobody asked for Evernote to encrypt "everything".
    • Since Evernote already provides encryption for blocks of text, why should it be such an issue to encrypt all Notes in a selected Notebook?

  2. Security is a basic feature of any cloud-based data storage app.
    • In the early days of the Internet few were concerned about security.
    • First we had password protected data
    • Now we have learned that encryption may be required in many cases.
    • The lack of security may reduce user adoption and/or use of the app
    • Most users don't know how, and don't want to know how, to manually encrypt their own data on a document by document basis.
    • They want it done automatically (just like they don't want to learn/write HTML code to have rich text).

Link to comment
if i were them, i'd be glad i don't have the responsibility of encrypting and protecting everything. leaving that responsibility to the customer surely relieves them of a huge burden, and allows them to focus on other aspects of the product.

Two points:

  1. Nobody asked for Evernote to encrypt "everything".
    • Since Evernote already provides encryption for blocks of text, why should it be such an issue to encrypt all Notes in a selected Notebook?

  2. Security is a basic feature of any cloud-based data storage app.
    • In the early days of the Internet few were concerned about security.
    • First we had password protected data
    • Now we have learned that encryption may be required in many cases.
    • The lack of security may reduce user adoption and/or use of the app
    • Most users don't know how, and don't want to know how, to manually encrypt their own data on a document by document basis.
    • They want it done automatically (just like they don't want to learn/write HTML code to have rich text).

thanks for the thoughtful responses jm.

1. actually, i did ask evernote to encrypt everything (somewhere on these forums). i also asked them to encrypt notebooks. doing either of these things may or may not be technically feasible. my point in the passage you quoted was merely that evernote would have to take responsibility for the data that gets encrypted (everything in the account or everything in the notebook), and i can imagine a lot of messy complications with encrypting someone's audio files or pdfs, plus the fact that there are apparently laws that require them to offer relatively weak encryption. as soon as someone's files get corrupted, or hacked (seems entirely likely with the weak encryption), then it blows up in their face. it is false security, and that is precisely what evernote has said it does not want to offer. i am just speculating, of course, but it seems to me that this is a potential reason why evernote might be wary of going down this road.

2. evernote has a lot of security. i was never questioning that. your account is password protected. that is a really important first step, especially if you take responsibility for using long, random character strings, that change on a regular basis. your data is transmitted securely from your device to the server. the physical servers are protected with safeguards and have restricted access only to certain employees. this stuff has been covered on the forums and elsewhere. it could have more, of course, but it is basically as secure as many people's email services (often used to send sensitive material). while not impregnable, it demonstrates a commitment to a certain level of security, and they are very straightforward about that in the forums and on their site. i may just be poorly-informed, but i am not aware of many other cloud services that will both store your data with encryption and search through the contents for you. onenote does, i think. dropbox, sugarsync, etc. certainly don't. encryption is messy and a pain. that's why very few of us encrypt our email communications. evernote cannot easily solve this. i have no idea how they would deal with remembering passwords, but keeping those secure as well, while figuring out some way to make sure every single platform can deal with the encryption.

Link to comment

Two points:

  1. Nobody asked for Evernote to encrypt "everything".
    • Since Evernote already provides encryption for blocks of text, why should it be such an issue to encrypt all Notes in a selected Notebook?

Beg to differ with you there - lots of people are asking us to do just that. And as I said way back in the early pages of this thread, it's kind of antithesis to the whole point of Evernote. We kind of don't understand why you would want to *use* Evernote if you can't use the major whiz-bang features of it. For example, if we introduced full notebook encryption, presumably we'd have to have a way to *decrypt* those notebooks on all the clients that we sync to as well, or your notes would be worthless everywhere except where they're decryptable.

Additionally, on the mobile clients, even if you could decrypt them, you'd be limited to scrolling through your notes in those notebooks to locate the one you want, because we don't index encrypted content. So, it just makes us a really unwieldy note program.

  2. Security is a basic feature of any cloud-based data storage app.
    • In the early days of the Internet few were concerned about security.
    • First we had password protected data
    • Now we have learned that encryption may be required in many cases.
    • The lack of security may reduce user adoption and/or use of the app
    • Most users don't know how, and don't want to know how, to manually encrypt their own data on a document by document basis.
    • They want it done automatically (just like they don't want to learn/write HTML code to have rich text).

I agree with you in theory, however - it's the "awareness" that true security resides in the hands of the user that is so important and necessary. If we rely on other people to do things for us (like keep our private files secure) we can often overlook problems that exist. I'm not saying that corporations have no liability here - the burden is huge on us to keep data safe - but there's only so much we can do.

For every automatic timeout we set in our clients, we get people who complain that they are there in the first place. For every password lock that we have, we get people who complain that it isn't enough. And, for *every* encryption password that is lost, we get people who complain that we don't keep them on file to get their data back.

Link to comment

Two points:

  1. Nobody asked for Evernote to encrypt "everything".
    • Since Evernote already provides encryption for blocks of text, why should it be such an issue to encrypt all Notes in a selected Notebook?

Beg to differ with you there - lots of people are asking us to do just that.

I stand corrected. I broke my own rule about not using always, never, everyone, no one, etc. :)

I should have said that many of us are asking only for partial encryption -- not everything.

And as I said way back in the early pages of this thread, it's kind of antithesis to the whole point of Evernote. We kind of don't understand why you would want to *use* Evernote if you can't use the major whiz-bang features of it. For example, if we introduced full notebook encryption, presumably we'd have to have a way to *decrypt* those notebooks on all the clients that we sync to as well, or your notes would be worthless everywhere except where they're decryptable.

I guess we are both repeating ourselves in this thread.

As I (and others) previously stated, there is still a lot of the "major whiz-bang features" like Search that can be used if you encrypt ONLY the Note text and attachments, but do NOT encrypt the metadata.

Search using the Title, Tags, Dates, and other attributes will provide an excellent means of finding our encrypted Notes without having to search for text within the Note.

I previously showed an example of how Adobe Acrobat does exactly this.

I agree with you in theory, however - it's the "awareness" that true security resides in the hands of the user that is so important and necessary. If we rely on other people to do things for us (like keep our private files secure) we can often overlook problems that exist. I'm not saying that corporations have no liability here - the burden is huge on us to keep data safe - but there's only so much we can do.

We may be saying the same thing here, but I'm not sure.

IMO, it is the user's responsibility to choose a tool that provides the security he/she needs.

End users generally can not provide the security/encryption, but must use the appropriate tools.

It is the software developer's responsibility to provide the security the user needs, or the user may choose other software.

I think, in the case of Evernote, many of us like very much the basic features of Evernote, and how it works so well via the cloud on so many devices, but feel that it is falling short of the security we would like directly from Evernote.

Link to comment

Hi, well I've given up, I've been asking for this for over a year now with as far as I have seen no definitive answer. I am in the process of transferring all my confidential notes to OneNote and then when my Premium account expires, after 3 years, at the end of this week I will not be renewing it. I can access my Onenote online using Windows Live and on my iPhone with the free app, not as convenient as Evernote so I'll still use the free version of Evernote for basic web clipping but for anything important I will use OneNote - which I can encrypt by section or note. Just as an aside I looked at Evernote as a possible document management system for a company I consult to, but it was eliminated very quickly because of the low level of security.

Link to comment

The book Total Recall (by Gordon Bell and Jim Gemmell) has been mentioned several times on the podcast. This book is a great read for any Evernote user, as it talks about how the future will be with e-memory, much of it already available in Evernote. Chapter 10 begins with:

"If the world follows my lead, Total Recall will be a very private matter. Encryption will be universal, e-memories will reside in Swiss data banks, and sharing will be careful and limited".

Link to comment

It seems to me that Heather has been extremely clear on Evernote's stance on this - it also looks like short to medium term not much is going to change and so if the current state doesn't work for you, well then you should probably look for an alternative.

Link to comment
  • 2 weeks later...

I'm back... Hell yeah! lol

All good posts with good ideas and eloquent arguments, especially from JMichael and GrumpyMonkey. It's all good and dandy, if Evernote wants to take the easy road to leave encryption solutions (most of them except plain text at least) out of their business plan; I would also 'suggest', to leave marketing to businesses and professionals out of the business plan as well, just saying...

It's kind of funny that we keep comparing EN's security to email when email is well known to have no security features. All the opposite, email should always be compared to a post card. Email is as secure as a note in a piece of paper passed from one end of a room to another via several people as medium. Not a very good analogy to use when referring to security at all.

Heather, it's well accepted that the weakest link is the user in any security policy. However, to use that as an excuse it's just well...sad. Let me put it this way. Let's say a network security engineer in an enterprise environment decides that proxy servers, database encryption, firewalls and IDS/ADS are useless because they offer a false sense of security to the users. The users, in this engineer's mind, will somehow get around computer usage policy by ignorance or on purpose and end up getting a backdoor downloaded bypassing all those layers anyways. The engineer essentially gives up on all layered security solutions and decides to dump all responsibility of security on the end-user and hope for the best. If any issues arise, the engineer's excuse is: "the user is the weakest link, they should be more careful with their data". What do you think about this approach which in an effort to avoid giving a "false sense of security"... all efforts to give security is dropped? Personally, I would think that non-security approach to security is careless at best, suicidal for the business at worst. Because of risky thinking like this is that we are losing the war on hackers. The application layer is a big issue/liability for network security experts.

Also, please stop telling people that hacking "*almost always* been targeted against that particular individual"... Tell that to RSA and all US military contractors (Boeing, Northrop, Lockheed, etc), or to Amazon, CNN, Ebay (worth $1.2 billion losses), or to the 70 million Sony users ($1-2 billion losses), or Epsilon ($4 billion losses), or TJ Maxx's 45.7 million users. The data theft and black hat hacking industry is worth an estimated $114 billion... all for grabs to those criminals who now are in front of computers rather than breaking into cars in Russia or your local neighborhood (remember US still accounts for at least 36% of all hackings). You tell me if there is no clear motivation. If you refer to volume of breaches, maybe... but it only takes one BIG breach to make big money and that's more than enough motivation to these criminals. One lucky/clever breach is all it takes.

BTW, to those folks that claim customers can't demand features... I tell you there is a big difference between "entitlement" and "responsible consumerism". Learn the difference please.

Besides that, like I said a while back, if any of our suggestions are picked up and incorporated, then awesome. More power to the EN platform! In the meantime, do it yourself one document at the time folks.

Sorry if my approach is different. No need for sugar coatings; I just call it like it is.

Link to comment

Also, please stop telling people that hacking "*almost always* been targeted against that particular individual"... Tell that to RSA and all US military contractors (Boeing, Northrop, Lockheed, etc), or to Amazon, CNN, Ebay (worth $1.2 billion losses), or to the 70 million Sony users ($1-2 billion losses), or Epsilon ($4 billion losses), or TJ Maxx's 45.7 million users. The data theft and black hat hacking industry is worth an estimated $114 billion... all for grabs to those criminals who now are in front of computers rather than breaking into cars in Russia or your local neighborhood (remember US still accounts for at least 36% of all hackings). You tell me if there is no clear motivation. If you refer to volume of breaches, maybe... but it only takes one BIG breach to make big money and that's more than enough motivation to these criminals. One lucky/clever breach is all it takes.

Just wanted to clarify something here -

You're talking about an entirely different type of hacking than what I was referring to. In cases of corporate espionage, generally specific information is targeted. In some cases, like with the professional hacking rings that target the FBI/CIA/DOJ sites, it's just for "fun", with malicious intent but no information. It's just what these people do. It's "macro"targeting.

The attacks I was referring to were ones that I've seen, in the course of my professional career, first hand, from working in this industry as long as I have. Feel free to re-read my post if that wasn't clear.

Ok then, carry on.

Link to comment

Ok, so we do understand that in the scope of your career (which is limited to one's personal experience), you've dealt mostly with over-zealous girlfriend/boyfriends looking for an individual's information. Understood.

Now, I'm referring to every other real-world hacking scenario. You know, in the wild hackings can start as a way of having "fun" and challenge their abilities; granted. Until they get in, find any data that would compromise the company or its customers and then sell it on a board or post it in Wikileaks. They can do this for a living with the goal to gain a piece of the $114 billion pie. That's a possibility that can't be dismissed. Examples of both were given in my post.

Link to comment

Sigh. I really hate to get drawn into this. But you're talking about something which I know fairly a lot about here, as I've been dealing with this stuff for many, many, many years. On average, Joe Consumer is not going to have their data posted on Wikileaks. But, Joe Guy-that-didn't-tip-their-waiter *is* probably going to get their credit card stolen and get their face/reputation/credit card number smeared all over Facebook and Twitter.

http://techcrunch.co...-verizon-study/

The linked report is extremely enlightening - it keeps going back to the fact that these hackers are getting in because of *weak passwords* and *malware*. And that's 95% of all of the macrotargeting.

They're not breaking encryption keys - they don't even have to try.

Link to comment

To get back to practical discussion on the topic, I'd like to hear something from the devs about the feasibility of following approach:

Assumptions:

1) Some notebooks seem to need to be available in a self-contained fashion (offline, shared notebooks), so I would guess index is stored per notebook (and can be encrypted together with it).

2) Guessing from the fact that evernote-clients work offline I would assume they do the indexing themselves.

With both assumptions it seems possible to encrypt complete notebooks as a blob of data. An encrypted notebook would be handled in a similar fashion to offline notebooks but decrypted inside evernote and 'blindly' synced to the server (not trivial I assume after a look at the sync-spec). The user can choose them to be in 'closed' state on program-startup, so he has to input his encryption-password before the contents can be accessed. Once it is 'open' the content is handled in the same way as for any non-encrypted notebook.

Obviously encrypted notebooks would only be accessible from standalone clients (and Evernote does have the advantage of having them 'everywhere'). If you don't want the information to be readable to anyone with access to the server and/or your account: put it in an encrypted notebook for another obstacle in the way. Additionally keeping the notebook closed when not currently in use would grant some protection from people with access to the machine.

Link to comment

To get back to practical discussion on the topic, I'd like to hear something from the devs about the feasibility of following approach:

Assumptions:

1) Some notebooks seem to need to be available in a self-contained fashion (offline, shared notebooks), so I would guess index is stored per notebook (and can be encrypted together with it).

2) Guessing from the fact that evernote-clients work offline I would assume they do the indexing themselves.

With both assumptions it seems possible to encrypt complete notebooks as a blob of data. An encrypted notebook would be handled in a similar fashion to offline notebooks but decrypted inside evernote and 'blindly' synced to the server (not trivial I assume after a look at the sync-spec). The user can choose them to be in 'closed' state on program-startup, so he has to input his encryption-password before the contents can be accessed. Once it is 'open' the content is handled in the same way as for any non-encrypted notebook.

Obviously encrypted notebooks would only be accessible from standalone clients (and Evernote does have the advantage of having them 'everywhere'). If you don't want the information to be readable to anyone with access to the server and/or your account: put it in an encrypted notebook for another obstacle in the way. Additionally keeping the notebook closed when not currently in use would grant some protection from people with access to the machine.

IMO, guessing how EN works & therefore attempting to guess how a particular feature could be incorporated serves no practical purpose. Especially since...

It seems to me that Heather has been extremely clear on Evernote's stance on this - it also looks like short to medium term not much is going to change and so if the current state doesn't work for you, well then you should probably look for an alternative.

Link to comment

The linked report is extremely enlightening - it keeps going back to the fact that these hackers are getting in because of *weak passwords* and *malware*. And that's 95% of all of the macrotargeting.

I think you missed the part of the article where it mentions:

"Yet although organized crime may have been, in volume, less active than the hacktivists, they were no less lethal in terms of what kind of cost they represented...

Porter describes the impact of the organized criminals as “death by a thousand paper cuts."

And also:

"That can include tactics like skimming information from card machines at gas pumps, breaches of e-commerce sites, and big thefts of data records from cloud-based services, such as the situation that hit Sony PlayStation last year."

They're not breaking encryption keys - they don't even have to try.

Of course, with EverNote's lack of serious encryption in the back-end, they won't have to either. Thank you for making my point. ^_^

Link to comment

I think for me the summary is this:

1. Evernote has been made aware of our requests for encryption.

2. Consumers have the option to use it or go elsewhere if they are not happy with the product.

3. There are features of Evernote that would break or be awkward with encryption.

4. Hackers are out there. How many are interested in Evernote accounts? Who knows. I suspect they'd rather social engineer my mom's bank account or PayPal if I used it than on my collection of ideas for building shelves in my garage. NOTE: This is not all moms, but MY mom is about as illiterate as they come with regards to security and computing in general.

5. To suggest a feature is one thing. To try to brow-beat a company into submission where they admit you are right and they are wrong when they are offering an awesome product that doesn't exactly fit your needs is just plain rude. See #2.

I see this forum becoming like me complaining to my SUV maker that my car doesn't go as fast as a Porsche. Their answer would be "Go buy a Porsche... tell them Bob sent you!" A SUV is created for things like space, safety, etc (supposedly at least) and not necessarily speed. If I want speed then I'll have to go elsewhere. I'm not saying to anyone to "get out" but rather politely make your request known (done) and if they don't respond favorably (they haven't for some) then accept that is the product and choose to use it or not instead of 9 pages of arguments (some more polite than others) trying to show them their mistake. Let your subscription fees do that.

Link to comment
(...)

IMO, guessing how EN works & therefore attempting to guess how a particular feature could be incorporated serves no practical purpose. Especially since...

It seems to me that Heather has been extremely clear on Evernote's stance on this - it also looks like short to medium term not much is going to change and so if the current state doesn't work for you, well then you should probably look for an alternative.

You know, I understand you are sick and tired of people picking up this topic all the time, but I don't think your hostile tone all over the topic is more helpful.

I'm looking around for "my preferred" notetaking-tool for a while now and I keep bumping into Evernote. I do like the notebook/tag/search-management. It's really important for me to have at least a standalone-client with offline-access to all notes for Windows. Having one for android is a big bonus. Built in synchronization for all the clients is great, it's useful to write down things at home and have them available on the go. The ability to clip anything and basic text-formatting is more than enough for me (although I do miss the tab-char somewhat). The closest competitor for me would be CintaNotes and that is far behind in a lot of areas (actually it only has the tag/search-management and a native, lightweight Windows-client to offer). So to go with deverill's comparison: I do want the SUV. I think the comparison with a lack of seatbelts on the SUV is fitting. The answer people asking here get is something in the lines of "The SUV is so big and heavy, nothing will shake you enough you might need them, but if you're worried, just drive safely - or take the Porsche, it has seatbelts". I thought about making makeshift-seatbelts by syncing my windows-databases (including offline notebooks to store "sensitive" data in) externally, so my first alternative is to use Evernote, yet the whole "go away, we don't need you"-mantra of some people here does get to me slowly.

And point 3 in deverill's list was just the reason why I felt like it would be helpful to the discussion to look at the functionality and write up what I think 'better encryption' would mean for me. I didn't like the approach of encoding single notes and breaking search-features as it was discussed earlier in this topic. But I do think having "lockable" notebooks that offer all search features for the encrypted text while "unlocked" is a way that works for evernote (even better than the approach right now of putting small locks at multiple places). By the way: even the problem of online-availability with my concept can be solved, SpiderOak (online-backup and sync, think Dropbox) for example encrypts all data locally, but allows the user to view it on their servers by decrypting it for the duration of the session.

Actually I wasn't even expecting anything like "we'll get on it right now", I just wanted an educated opinion on how well the approach would work in Evernote. The response I felt I might get, would have to do with the index being stored per client and the notes as a chain of deltas with new deltas from sync being applied to both the current state of the note and the (notebook-independent) index. Even if there would be any kind of positive response to the concept itself, I expected an answer similar to "we're a small team and can't focus in this feature for now". So no, I'm not demanding them to jump at it right now.

Link to comment
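
The "lockable notebook" proposed in the posts above, combined with the earlier suggestion in this thread to encrypt note text while leaving titles and tags searchable, shown in code. This is an added example, not Evernote's code or sync format and not written by any poster; the record layout, function names, scrypt parameters and sample notes are assumptions constructed for illustration.

```javascript
// Added illustration: a notebook sealed on the client before it is synced.
// Not Evernote code; record layout and all names are hypothetical.
const crypto = require('node:crypto');

// Constructed sample notebook.
const SAMPLE_NOTES = [
  { id: 'n1', title: 'Tax return 2011', tags: ['finance'],
    body: 'Account number 000-CONSTRUCTED-1' },
  { id: 'n2', title: 'Garage shelves', tags: ['diy'],
    body: 'Buy brackets and plywood' },
];

// Password-based key: scrypt makes each password guess expensive.
// The cost parameters are illustrative, not a recommendation.
function deriveKey(password, salt) {
  return crypto.scryptSync(password, salt, 32, { N: 16384, r: 8, p: 1 });
}

// "Close" the notebook: titles and tags stay readable, all note bodies
// go into a single AES-256-GCM blob that the server stores blindly.
function lockNotebook(notes, password) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12); // fresh nonce for every re-encryption
  const metadata = notes.map(({ id, title, tags }) => ({ id, title, tags }));
  const bodies = {};
  for (const n of notes) bodies[n.id] = n.body;

  const cipher = crypto.createCipheriv('aes-256-gcm', deriveKey(password, salt), iv);
  // Bind the plaintext metadata to the ciphertext (AAD) so titles or tags
  // altered on the server are detected when the notebook is opened.
  cipher.setAAD(Buffer.from(JSON.stringify(metadata), 'utf8'));
  const ciphertext = Buffer.concat([
    cipher.update(JSON.stringify(bodies), 'utf8'),
    cipher.final(),
  ]);
  return {
    metadata,
    salt: salt.toString('base64'),
    iv: iv.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
    ciphertext: ciphertext.toString('base64'),
  };
}

// "Open" the notebook on a client. Returns the full notes, or null when the
// password is wrong or the blob or its metadata was modified.
function unlockNotebook(sealed, password) {
  const key = deriveKey(password, Buffer.from(sealed.salt, 'base64'));
  const decipher = crypto.createDecipheriv('aes-256-gcm', key,
    Buffer.from(sealed.iv, 'base64'));
  decipher.setAAD(Buffer.from(JSON.stringify(sealed.metadata), 'utf8'));
  decipher.setAuthTag(Buffer.from(sealed.tag, 'base64'));
  let plain;
  try {
    plain = Buffer.concat([
      decipher.update(Buffer.from(sealed.ciphertext, 'base64')),
      decipher.final(), // throws if the authentication tag does not verify
    ]).toString('utf8');
  } catch {
    return null;
  }
  const bodies = JSON.parse(plain);
  return sealed.metadata.map((m) => ({ ...m, body: bodies[m.id] }));
}

// What the server, or a client with the notebook closed, can search:
// titles and tags only.
function searchLocked(sealed, term) {
  const t = term.toLowerCase();
  return sealed.metadata
    .filter((m) => m.title.toLowerCase().includes(t) ||
                   m.tags.some((tag) => tag.toLowerCase() === t))
    .map((m) => m.id);
}

// What a client can search once the notebook is open: full text.
function searchUnlocked(notes, term) {
  const t = term.toLowerCase();
  return notes
    .filter((n) => `${n.title} ${n.body}`.toLowerCase().includes(t))
    .map((n) => n.id);
}
```

Titles and tags remain visible to whoever holds the synced record, which is the trade-off of the metadata-search variant; a lost password leaves the blob unrecoverable because nothing on the server can derive the key.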
  • 2 weeks later...

After reading this and other threads, I'm unsure of the security of the Windows and Android apps. Really, it's my phone that worries me. Is login process and the viewing of notes on my phone safe from snoopers that can intercept cell phone data? I can live with myself if those things are safe.

Link to comment

After reading this and other threads, I'm unsure of the security of the Windows and Android apps. Really, it's my phone that worries me. Is login process and the viewing of notes on my phone safe from snoopers that can intercept cell phone data? I can live with myself if those things are safe.

hi zenotos. welcome to the forums!

as i understand it, the information transmitted is as secure as any other communication from your mobile device. it is encrypted. i suppose it depends on the skill of the hacker, though. if you are making a call from in front of the new nsa data warehouse in salt lake city, then i wouldn't place any bets on the safety of your data :)

if i recall, this thread is more about the databases. in other words, once your data travels encrypted and secure to the evernote databases, it is stored there unencrypted. there is a long debate of seven pages about this. the long and short of it is that evernote has taken extensive measures to protect your data, but nothing is impervious to attacks, and you need to take responsibility for your data by making sure to upload sensitive documents (everyone has a different threshold) in encrypted format, or not uploading them at all (kept in a local folder on your drive). here is the official word (see bottom of page):

http://www.evernote.com/about/privacy/

to the best of my knowledge, evernote has an excellent security record.

Link to comment

After reading this and other threads, I'm unsure of the security of the Windows and Android apps. Really, it's my phone that worries me. Is login process and the viewing of notes on my phone safe from snoopers that can intercept cell phone data? I can live with myself if those things are safe.

hi zenotos. welcome to the forums!

as i understand it, the information transmitted is as secure as any other communication from your mobile device. it is encrypted. i suppose it depends on the skill of the hacker, though. if you are making a call from in front of the new nsa data warehouse in salt lake city, then i wouldn't place any bets on the safety of your data :)

if i recall, this thread is more about the databases. in other words, once your data travels encrypted and secure to the evernote databases, it is stored there unencrypted. there is a long debate of seven pages about this. the long and short of it is that evernote has taken extensive measures to protect your data, but nothing is impervious to attacks, and you need to take responsibility for your data by making sure to upload sensitive documents (everyone has a different threshold) in encrypted format, or not uploading them at all (kept in a local folder on your drive). here is the official word (see bottom of page):

http://www.evernote.com/about/privacy/

to the best of my knowledge, evernote has an excellent security record.

Thank you! That's exactly what I was asking about. I just wanted to make sure my login is transmitted securely to the database, akin to SSL.

Link to comment

So before I either didn't have it or had it plain accessible via my iPhone, only secured by my PIN.

Philipp,

Your photos are safe on your iPhone as long as you have a PIN enabled on it. By configuring the PIN, you have enabled the iPhone security sub-system and the iPhone is now encrypted with a combination of the device hardware key and your PIN so it cannot be unlocked or read without both of those codes.

If you're interested in learning a bit more about the security of iOS devices, I'd suggest the following document:

http://images.apple.com/ipad/business/docs/iOS_Security.pdf

Link to comment

I've read many posts in which the insecurity of the cloud is taken for granted. The general reasoning is that since the Cloud is "out there" others may have access to your sensitive information. Many people have espoused keeping sensitive information in "Local" folders which are not synched to the cloud. This can be quite cumbersome if you need access to that data while you're away from your desktop. I wonder whether or not this is faulty reasoning. Yes, the Evernote cloud is somewhat more amorphous than one's own desktop, but I would assume that it's far more secure. I assume that Evernote expends far more in resources and expertise to secure their cloud than I can to secure my desktop. If I were a hacker and wanted to target an individual user, I would hack into their desktop rather than trying to get to them through Evernote, Dropbox or any other cloud system. For this reason here are the only steps that I've taken thus far to secure my EN data:

-I use Evernotes encryption feature to encrypt sensitive text in various notes.

-I encrypt every sensitive PDF using Acrobat's encryption feature

I am somewhat reluctant to employ protective techniques which could backfire in some way or make the process of using EN more cumbersome ie: such as creating an encrypted drive via TrueCrypt and putting all my EN databases into that.

If anyone else has advice on how to make EN data more secure I would be grateful to learn.

Link to comment

I store my Evernote database and thousands of other files (PDFs, Quicken, Word docs, etc) as well as my in-house backups of those files in Truecrypted containers.

Interesting. Could you describe the process? What are the advantages or disadvantages?

Link to comment
(...)

IMO, guessing how EN works & therefore attempting to guess how a particular feature could be incorporated serves no practical purpose. Especially since...

It seems to me that Heather has been extremely clear on Evernote's stance on this - it also looks like short to medium term not much is going to change and so if the current state doesn't work for you, well then you should probably look for an alternative.

You know, I understand you are sick and tired of people picking up this topic all the time, but I don't think your hostile tone all over the topic is more helpful.

Hostile tone? Sorry, but that's not my "hostile tone".

Link to comment
  • Level 5*

I clipped a table from a web site that was a receipt. I wanted to encrypt it in a note, but the encrypt selected text option on the right click menu was grayed out. I created a new note and put an empty table in it - no ability to encrypt that either. Is this a "feature" of EN at present? I am using the latest beta.

Link to comment
  • Level 5*

Yep, it's a feature. You can encrypt plain text, but not the coding that's included with your clip and the vacant table. One option might be to PDF the information and password protect the file?

Link to comment
  • Level 5

I clipped a table from a web site that was a receipt. I wanted to encrypt it in a note, but the encrypt selected text option on the right click menu was grayed out. I created a new note and put an empty table in it - no ability to encrypt that either. Is this a "feature" of EN at present? I am using the latest beta.

Encrypting tables that contain only text should work. The receipt that you clipped may have contained an image (or it may even be an image itself) and we don't allow encrypting images. If the note doesn't contain any sensitive data, feel free to send it to me in .ENEX format and I'll let you know what's causing the problem.

In your second case, if the table contains no text at all, we won't encrypt it. If you enter some text into the table, you should find that the Encrypt option is available.

Link to comment
  • Level 5*

Encrypting tables that contain only text should work. The receipt that you clipped may have contained an image (or it may even be an image itself) and we don't allow encrypting images. If the note doesn't contain any sensitive data, feel free to send it to me in .ENEX format and I'll let you know what's causing the problem.

Thanks for the clarification. I took a look at the note in the enml editor and saw that there were several lines with images in them (they appeared to be white images, so they didn't show up on the usual inspection techniques). Replaced all of those with non-breaking spaces, and the encryption option was restored.

In your second case, if the table contains no text at all, we won't encrypt it. If you enter some text into the table, you should find that the Encrypt option is available.

That makes sense, but now that the first case has been resolved, I am not bothering to try this one.

@gazumped: password-protecting the pdf is certainly an option, but I wanted something quick, light, and easy. The encrypted receipt with the images removed is about a quarter of the size of the pdf. No big deal in this case, but maybe for some tables.

Link to comment

I installed Desktop on my work computer because I like it more than the web version, but I have no control over access to my computer (ie. from IT, my boss if wanted or if I were laid off). It would be great if the Desktop version could be set to require a password or PIN each time it is opened, and have the data protected by a simple encryption (eg. based on the password or PIN).

I am not talking about protection from serious hackers, but protecting personal information from my employer.

Link to comment

I installed Desktop on my work computer because I like it more than the web version, but I have no control over access to my computer (ie. from IT, my boss if wanted or if I were laid off). It would be great if the Desktop version could be set to require a password or PIN each time it is opened, and have the data protected by a simple encryption (eg. based on the password or PIN).

I am not talking about protection from serious hackers, but protecting personal information from my employer.

You can sign out before exiting

Link to comment

I've decided to take the plunge and give Evernote a try. I like that it is available on all my platforms and maintains formatting so that notes are displayed in true fidelity.

I do have an issue with the encryption functionality. It is cumbersome and not supported across the platforms. If I encrypt text in Windows, I cannot decrypt and edit on iPad.

Further, if I modify text in an encrypted note body, the Windows client "forgets" to re-encrypt it.

I would prefer to see an option checkbox, perhaps in the header, that indicates the body of the note is to be encrypted AND have that respected across all clients.

Also, the iPad client does not "remember" the encrypt/decrypt password.

Hoping this improves in the near future. I am concerned about storing confidential information in non-encrypted format on any cloud service.

Regards,

Rob

Link to comment
  • Level 5*

I've decided to take the plunge and give Evernote a try. I like that it is available on all my platforms and maintains formatting so that notes are displayed in true fidelity.

I do have an issue with the encryption functionality. It is cumbersome and not supported across the platforms. If I encrypt text in Windows, I cannot decrypt and edit on iPad.

Further, if I modify text in an encrypted note body, the Windows client "forgets" to re-encrypt it.

I would prefer to see an option checkbox, perhaps in the header, that indicates the body of the note is to be encrypted AND have that respected across all clients.

Also, the iPad client does not "remember" the encrypt/decrypt password.

Hoping this improves in the near future. I am concerned about storing confidential information in non-encrypted format on any cloud service.

Regards,

Rob

to be honest, there are several little inconsistencies and incompatibilities across different platforms, so i think if we could expand this a little bit and say: if it exists on a platform, it ought to have all of the functions found on other platforms. encryption ought to be creatable and editable. same thing for note links. notebooks ought to have stacks. metadata ought to be visible and editable. the list could go on, but i think the point is clear.

good news! evernote is striving for parity across platforms, so i think we can expect this to appear someday :)

however, if it is not technically feasible, i hope the designers tell us.

Link to comment

I tried to encrypt a table which contains nothing but text. It is a list of my credit cards with phone numbers. After opening the table which started out with 5 columns, everything is there but all in the first column. The other columns are blank.

Link to comment
  • 4 weeks later...

Yet another request to add full note, attachment and notebook encryption capability to Evernote.

Please provide users with tools to secure their data, let them decide which notes and notebooks they feel need encryption (at the cost of losing features which are impossible when data is encrypted).

Link to comment
  • 3 weeks later...

Adding encryption to notebooks would defeat the Evernote OCR process.

You can encrypt the information inside a note, but not an entire Notebook, unless you are using a 3rd party program like TrueCrypt.

Curious. Over 90% of my notes are all text. If your note doesn't contain any graphics what will OCR get you? Users should be able to have the choice to encrypt notebooks/notes and even stacks to keep prying eyes from sensitive data. I'm working on a solution to this.

David

Link to comment
  • Level 5*

Adding encryption to notebooks would defeat the Evernote OCR process.

You can encrypt the information inside a note, but not an entire Notebook, unless you are using a 3rd party program like TrueCrypt.

Curious. Over 90% of my notes are all text. If your note doesn't contain any graphics what will OCR get you? Users should be able to have the choice to encrypt notebooks/notes and even stacks to keep prying eyes from sensitive data. I'm working on a solution to this.

David

You are really busy! I wonder if you would consider posting some of these Apple Scripts and so forth on the user forums. Or, if you post them elsewhere, please provide links for us!

As far as encrypting notes, we can currently encrypt the text within individual notes.

https://support.evernote.com/link/portal/16051/16058/Article/1652/What-type-of-encryption-does-Evernote-use

We cannot encrypt notebooks (or their stacks). It is something that has been discussed at length in other threads. One of the problems with encrypting your text is that Evernote will not be able to index the content, and so it will not show up on search results. I'll be interested to see how you work out a solution to encrypting notebooks. I imagine there are other users on the forum who will be interested as well :)

The OCR features, of course, are related to images and PDFs. If you have only text, then you already have the tools needed to encrypt your content. Users who put sensitive information like health and financial records into Evernote sometimes choose to encrypt PDFs before uploading them. This is quite easy to do, and provides pretty robust encryption. The only downside (in my opinion), is that you have to do this for each and every one, and this is kind of a pain.

Link to comment

I would like to suggest that perhaps Evernote should take a step towards complete encryption. I use evernote frequently for odds and ends but do not feel comfortable posting tax documents, health documents and other personal information. I would like to have everything in one place but not at the price of privacy or security for me and my family.

I currently also subscribe to SpiderOak and I love their privacy and technology position. Basically everything is encrypted before it is sent to the data center. Read about it here: https://spideroak.com/whyspideroak#privacy.

I think this policy goes beyond protecting me - it could also protect Evernote.

Link to comment
  • Level 5

Evernote does not promote itself as a storage center for highly confidential information. It is a low priced consumer driven program.

For confidential and private information, store it on a local non-sync'd Evernote notebook. It will only be visible to the user on that single machine and never get to the cloud.

For users that need more security, complete encryption is already possible with TrueCrypt. You will lose the OCR done by Evernote and use on other devices, but it will address your needs.

Link to comment
  • Level 5*

I would like to suggest that perhaps Evernote should take a step towards complete encryption. I use evernote frequently for odds and ends but do not feel comfortable posting tax documents, health documents and other personal information. I would like to have everything in one place but not at the price of privacy or security for me and my family.

I currently also subscribe to SpiderOak and I love their privacy and technology position. Basically everything is encrypted before it is sent to the data center. Read about it here: https://spideroak.co...deroak#privacy.

I think this policy goes beyond protecting me - it could also protect Evernote.

Hi. Welcome to the forums!

I see where you are coming from. This is a debate we've had at length on the forums. You might want to read more here:

The way I see it, Dropbox and Spideroak are like virtual thumb drives; they are meant to store stuff, so they naturally have encryption. Evernote is your virtual brain, and it is geared towards storing, searching, and organizing your memories. Encryption makes it difficult to accomplish these tasks: you cannot search what you cannot see. Nevertheless, Evernote offers encryption of text in notes, and you can always encrypt anything you would like before putting it into Evernote.

Link to comment

Frankly most solutions/services which encrypt everything still use rather basic login procedures which render them quite insecure. So as well as encryption you need online banking style logins/pinsentry etc.

Link to comment

Hi,

I was looking for directories where Evernote stores its DBs and I discovered that all the notes are saved unencrypted!

It doesn't make sense that i have to enter a password to login when anyone who has access to my pc can read all notes simply by opening them with a text editor.

No problem if i'm on my home pc, but I use Evernote at work and i have to use the online version because i don't know who could see files on my pc.

Maybe you can think to implement some sort of encryption in the next version?

I'm a great fan

Thanks

Link to comment
  • Level 5*

Hi, welcome to the Forums.

There's been a LOT of discussion about encryption in the Forums - please search for more background. Short version: if databases are encrypted, they're kinda difficult to search within. It's possible to encrypt files attached to Notes, and use apps like Truecrypt to secure things locally; but security (beyond restricting access to your account) is largely left to users to implement.

Link to comment

Sorry, i didn't search before posting.

I'm reading now some discussion and i get the point, but i'd like at least to have the choice to encrypt my DBs.

I'm not interested in search and OCR functions, for example.

Of course i'm not asking for secret-services-level-encryption, just a simple one. I know truecrypt and that's for more serious stuff, i don't want to encrypt the entire disk to keep some notes private. Otherwise, the already implemented encryption of single parts of the notes is not enough for me.

Whole disk encryption is always the best solution, but many softwares encrypt their DBs themselves without asking.

is that difficult to implement? (just asking, i don't know about programming)

Sorry for my english

Link to comment

Sorry, i didn't search before posting.

I'm reading now some discussion and i get the point, but i'd like at least to have the choice to encrypt my DBs.

I'm not interested in search and OCR functions, for example.

Of course i'm not asking for secret-services-level-encryption, just a simple one. I know truecrypt and that's for more serious stuff, i don't want to encrypt the entire disk to keep some notes private. Otherwise, the already implemented encryption of single parts of the notes is not enough for me.

Whole disk encryption is always the best solution, but many softwares encrypt their DBs themselves without asking.

is that difficult to implement? (just asking, i don't know about programming)

Sorry for my english

Doesn't matter whether it's difficult to implement or not. EN's focus is to do the indexing of notes to make them easy to retrieve. Their focus is not to be a password manager. They have chosen to implement basic text encryption of notes (search the board, if you need more info) and leave securing the local database up to the user.

I don't know why you want the ability to have your database encrypted but then brush off Truecrypt as "for more serious stuff".

Link to comment
  • Level 5*

Hi. Your English sounds fine to me :)

Evernote is set up to be your external brain, and part of that goal is giving you the ability to find anything you put in there, not to hide it away.

To this end, they seem to have assumed that the majority of their users will want to use search, the OCR, integrate third-party applications, and take advantage of various other features. They have chosen to pour their resources into these things, and though it might be technically feasible to have Evernote encrypt the databases, at this point I think the company is focused on other areas.

Evernote provides some encryption, and users can encrypt data before uploading, but I think these types of notes and files comprise a very small percentage of the whole. It is probably in Evernote's best interest, and in the best interest of most users who do not need encryption, to continue its policy of "outsourcing" that kind of work to users. This might change in the future, of course. After all, they plan to be a hundred-year company :)

I am one of those users who would like to see something like an encrypted notebook, or a tag that would encrypt the contents of notes that have it. However, I know that even I probably wouldn't use this too much -- mainly for medical records and the like. Honestly, given the small number of files I want to encrypt, it is probably best to just do it myself and encourage Evernote to develop stuff that is going to matter to more people. I am betting that there are a lot more people out there who want to see a highlighter on the Mac and Windows clients than those who want encrypted databases :)

Link to comment

Of course i'm not asking for secret-services-level-encryption, just a simple one. I know truecrypt and that's for more serious stuff, i don't want to encrypt the entire disk to keep some notes private.

No need to encrypt your entire disc with TrueCrypt to do what you want here. All you need to do is to create an encrypted file container and store your EN database within that. This is probably a five minute job and would provide you with exactly what you're asking for.

Link to comment

All you need to do is to create an encrypted file container and store your EN database within that. This is probably a five minute job and would provide you with exactly what you're asking for.

I know truecrypt well, but why use two passwords when i could use just one?

I'm not asking to do a double job.

However, i'll continue using the online version where i need more privacy and keep hoping evernote will integrate full encryption.

Link to comment

I know truecrypt well, but why use two passwords when i could use just one?

I'm not asking to do a double job.

However, i'll continue using the online version where i need more privacy and keep hoping evernote will integrate full encryption.

I'm all for pointing out EN's deficiencies, but on-disc encryption isn't something I'd expect or want it to do when there are simple, bullet-proof general solutions such as TrueCrypt or even the native encryption facilities built into Windows (the latter which I haven't used so can't vouch for).

As you're worried about the security of your work PC, then I'd have thought that TrueCrypt would be an ideal solution for you, as you could encrypt everything anyway.

I'd be very happy to see my EN content encrypted on the EN servers, but as far as I'm concerned local encryption is my responsibility.

Link to comment
  • Level 5*

I am one of those users who would like to see something like an encrypted notebook, or a tag that would encrypt the contents of notes that have it. However, I know that even I probably wouldn't use this too much -- mainly for medical records and the like.

I also would like to see the ability to encrypt all Notes/attachments within a Notebook.

And judging by the number of others who have made this request in other threads, I suspect that many users would like this.

This would allow us to actually do what Evernote CEO Phil Libin has said -- use Evernote for all of our data/memories.

With Notebook encryption, we could easily, safely and securely store our sensitive memories like medical, financial, and legal records.

And, if only the Note contents/attachments are encrypted, we can still have a very useful search using Note title, tags, dates, and other note attributes.

Link to comment
  • 3 weeks later...

I know parts of this have been discussed in depth here but I wanted to approach the question from a different angle.

I've been using EN (Mac) for 3 years, tossing everything and the kitchen sink in it. Personally, what I should have been doing and what I am in the process of rectifying is extracting and encrypting certain pdfs (which account for the bulk of my sensitive information). I'm doing this using Apple's native file encryption - no extra software.

So far it seems to be working well. I encrypt a tax document with a long 1Password generated password, it syncs, and I'm able to open it on my iOS device and other Mac after entering the password. I realize I'm giving up some of the OCR search capabilities for these documents, but they are relatively few and worth it. I also encrypt any of the actual notes that are sensitive using EN's service. Finally, I add a tag like "encrypted" to any note I encrypt, simply to index them.

So here is my question, and I know we each have our own security level. In this day and age, how far should one take encryption? Obviously, complete encryption removes any accessibility.

What I'd like to find out from others here is what constitutes the MINIMUM level of security????

Here is what is my personal minimum:

Tax documents

Medical documents

Bank statements

Any document with a SSN on it

Any username/password

Legal documents - wills etc.

Any other suggestions or thoughts?

Thanks-

LL

Link to comment
  • Level 5*

The minimum level of security is surely zero passwording/ encryption? It's always possible to keep sensitive information out of the cloud by using local notebooks, and depending on the individual and the information, a user may decide that whatever they have on the Evernote servers is unlikely to benefit anyone if lost or stolen. This is such a personal choice that I don't think you can possibly set a 'minimum required'. Given Evernote's levels of security at any given time, it's up to users to realise that it's always going to be possible* for gremlins or bad guys to compromise your stuff. If you don't feel comfortable with specific data being at risk, it's your responsibility as owner to do something about it.

*Note I'm not saying "likely" or "technically feasible" or "cost-effective", just ..bad things can always happen.

Link to comment
  • 2 weeks later...

"One of the problems with encrypting your text is that Evernote will not be able to index the content, and so it will not show up on search results"

I'd have to say, I disagree with this. If you are encrypting a notebook, you don't want it to show in search results!

To me, the idea of encrypting a notebook would be that, even if your account was compromised, there would be an extra level of security around an encrypted notebook. Another (different) password would be required to access it.

Suppose Luke Skywalker's uncle Owen had a personal notebook within his collection of notebooks. In it, Owen states "I cannot let Luke know he is Vader's son". Now if Luke manages to get in the account perhaps by accident, say Uncle Owen didn't close the browser when he went to the kitchen and young Luke searches on his name and he then gets to know he is Vader's son! So I would think Uncle Owen encrypting that particular notebook means he doesn't want it in the search results. And having multiple accounts is messy, and costs Uncle Owen more, he is on a budget.

Link to comment

"One of the problems with encrypting your text is that Evernote will not be able to index the content, and so it will not show up on search results"

I'd have to say, I disagree with this. If you are encrypting a notebook, you don't want it to show in search results!

To me, the idea of encrypting a notebook would be that, even if your account was compromised, there would be an extra level of security around an encrypted notebook. Another (different) password would be required to access it.

Suppose Luke Skywalker's uncle Owen had a personal notebook within his collection of notebooks. In it, Owen states "I cannot let Luke know he is Vader's son". Now if Luke manages to get in the account perhaps by accident, say Uncle Owen didn't close the browser when he went to the kitchen and young Luke searches on his name and he then gets to know he is Vader's son! So I would think Uncle Owen encrypting that particular notebook means he doesn't want it in the search results. And having multiple accounts is messy, and costs Uncle Owen more, he is on a budget.

It's fine for you to disagree. But the fact of the matter is that "True" encryption means that EN (or Dropbox or Sugar Sync or whomever) does not have your encryption password. So they cannot decrypt (and therefore index) your notes. You think hackers may be smart enough to get into the EN servers but not smart enough to figure out where the encryption passwords are located??? (Which is why "true" encryption does not store your encryption password.) IE, Truecrypt, a free & highly regarded encryption program for Windows tells you up front, if you forget your encryption password, then too bad. They can/will not help you recover your data, if you forget your encryption password.

Link to comment

Correct! They cannot index my notes and also will not be able to decrypt at all unless I provide the password - they would not be storing the password. Now you are catching on! ;*)

I'm not catching on...I've been saying this for several years. But it's unclear from your post whether you are catching on or not.

Link to comment

After reading Seven Deadly Sins: Evernote Tips You Should Avoid (http://antivirus.about.com/od/securitytips/a/evernotetip.htm) there is one thing that comes to my mind and that is the level of security Evernote has.

If Evernote had the ability to encrypt an entire notebook that would make a big difference.

Of course, you can encrypt a text but sometimes that is not enough! 

This could of course be a Pro-thing.

I think that this would take Evernote to a whole new level!

FYI: I use 1Password to store all my "Top secret" notes, for the time being…

Link to comment
  • Level 5*

Hi and welcome to the Forums. It's a shame there's no comments on the About.com page, or we could leave a note to explain to them how their content is as misleading as the tips it quotes.

If you search "security" or "encryption" in this Forum, you should find that this topic has been discussed to death. And the basic problem is: if you encrypt a notebook, you can't index it for searching. That's somewhat of a simplification, but it will do for the moment. Best advice to anyone using Evernote - use local notebooks that aren't uploaded anywhere; passworded PDF files that aren't easily read; encrypted files for even more security; and encrypted local disk partitions. There are trade-offs between roving access, easy searching, security and regulations imposed by professions or governments. Evernote is a tool; it's up to those using it to use it responsibly and take care of their own protection.

Link to comment

Yup. Not only has this article been mentioned before, as gazumped said, the topic has been discussed already. At. Great. Length. Dang, there's even a thread that was started today (by our own Metrodon!) in light of Dropbox's (most!) recent breach. Really nothing new to see here.

Link to comment
  • Level 5*

Hi. Welcome to the forums! I like your suggestion, it is something I have requested before, and we have discussed it a lot on the forums. Evernote has good reasons for not introducing encrypted notebooks, and we have good reasons for requesting them, but I don't know what the best answer is for Evernote. I am more interested in the site you linked to in your post.

I consider that page to be a mean-spirited and misleading smear attack on Evernote. The whole argument can be boiled down to: anything connected to the Internet and unencrypted is at risk.

First of all, she's just wrong, as any Dropbox user knows. Encryption doesn't matter if people follow poor password practices or Dropbox opens up the accounts of every user to the world (true story).

Second of all, why single out Evernote? She's talking about a risk you take with any cloud service. In fact, Evernote is one of the few services out there that is up-front about the security vulnerabilities in their model and they explicitly recommend that you take responsibility for encryption of sensitive data instead of offering you a false sense of security.

Evernote may offer encryption some day, but that doesn't mean the current system is somehow flawed. Instead of being unfairly singled out as unsecure, they ought to be commended for treating their users with respect by being honest and setting up the service in a way that gives you total control over your data depending on the security level appropriate for your situation.

Link to comment

Second of all, why single out Evernote? She's talking about a risk you take with any cloud service. In fact, Evernote is one of the few services out there that is up-front about the security vulnerabilities in their model and they explicitly recommend that you take responsibility for encryption of sensitive data instead of offering you a false sense of security.

And this is exactly what you (GM) & I were discussing earlier today in the thread Metrodon started. Dropbox tries to instill a sense of security. To the point that I (as a paid Dropbox user) really consider intentionally misleading. Although I'm not trying to speak for you, I think you agreed.

Link to comment
  • Level 5*

Second of all, why single out Evernote? She's talking about a risk you take with any cloud service. In fact, Evernote is one of the few services out there that is up-front about the security vulnerabilities in their model and they explicitly recommend that you take responsibility for encryption of sensitive data instead of offering you a false sense of security.

And this is exactly what you (GM) & I were discussing earlier today in the thread Metrodon started. Dropbox tries to instill a sense of security. To the point that I (as a paid Dropbox user) really consider intentionally misleading. Although I'm not trying to speak for you, I think you agreed.

Well, I wouldn't go that far :)

I have been a Dropbox user for a long time now, I used to be a paying member (now free because I find Google Drive a better fit for my needs), and I love the service.

However, I think their response to the recent security issues fell short of what I hoped they would do. In the past they have shown a commitment to security, and in the future they promise to improve even more, which is great. However, why didn't they suggest methods for their users to better protect themselves?

I think your use of TrueCrypt is one of those simple ways that users can easily protect themselves from all of the security problems that Dropbox has experienced. Yet, they don't inform their customers or recommend this kind of protection. It is disappointing.

One thing I like about Evernote is that they tell it like it is. They offer encryption as well (for individual notes), but they tell you up front that it isn't as secure as other methods, and they offer recommendations for more security. On the podcasts, for example, if memory serves correctly, the top-level management members have talked about encrypting PDFs before they upload them. The honesty and helpful advice about security, including openness about the limitations in their own system, educates users so that we can become better cloudizens (I am trademarking that).

They don't have to do it, but they do. Dropbox doesn't have to do it and they don't. I wouldn't call it intentionally misleading, but I think they could do better.

Link to comment
  • Level 5*
And the basic problem is: if you encrypt a notebook, you can't index it for searching. That's somewhat of a simplification, but it will do for the moment.

This is a great over-simplification, and misleading.

Evernote could encrypt ONLY the note contents & attachments, but NOT the note metadata, like Title, Tags, Dates, and other attributes.

This would protect the contents while still allowing very effective searching using the above attributes. This would be quite acceptable and useful.

This is an option that Adobe offers when encrypting their PDF files.

Link to comment

First of all, I would like to apologize for breaking the first rule of any forum: Search before you ask! I should know better…

About.com might be a bit misleading, but they have some good points that everyone using any online storage should consider.

And it is true that it doesn't matter which service you use, so it is a bit of a shame that they single out Evernote…

Evernote has some good reasons for not having this function and, like GrumpyMonkey says, we have good reasons to request it.

Nevertheless: JMichael has a great point here:

And the basic problem is: if you encrypt a notebook, you can't index it for searching. That's somewhat of a simplification, but it will do for the moment.

This is a great over-simplification, and misleading.

Evernote could encrypt ONLY the note contents & attachments, but NOT the note metadata, like Title, Tags, Dates, and other attributes.

This would protect the contents while still allowing very effective searching using the above attributes. This would be quite acceptable and useful.

This is an option that Adobe offers when encrypting their PDF files.

It should really not be all that difficult…

Evernote is an ever evolving tool so we just have to wait and see what happens…

Link to comment
  • Level 5*

I'm just speculating here, but changing the code even a little bit across several clients is probably never a simple task, especially when you have about 40 million customers depending on you. Then there is the possibility that this involves a fundamental change in the architecture. To outside observers it might seem simple in theory, and obviously it "can" be done, but in my experience coding, nothing is ever simple in practice.

Then, there are probably legal implications to consider for an international company like Evernote that is going to offer powerful encryption tools and no hope for law enforcement to gain access to the data on their servers, because (presumably) Evernote will not hold the encryption keys.

Again, Evernote may implement this, but I am just suggesting that nothing is simple at the level they are operating. Anyhow, don't worry about the searching. Your thread is timely, and it gives us a chance to point out how bad that about.com page is :)

I agree about good advice being scattered around in there, but it is hopelessly mired in muddled and misleading arguments. There are many, many other sites that provide better information, in my opinion. It's too bad this one gets ranked so high in the search results.

Link to comment
  • Level 5*

It is great that you don't think it is possible (or think it is needed) but the request stands - hopefully someone who actually works for the company reads these forums!

Hi. Welcome to the forums, and thanks for the input!

Evernote staff regularly read the forums and have responded at length already with their thoughts about this particular request. BNF is extremely well-versed about this feature request, so I don't think she had any problem catching on :)

So, you disagree with what I said? I didn't spell out the implications there, so maybe if I do then you can get a better sense of where I am coming from. Maybe we don't disagree so much at all.

Evernote is built to help you remember things, and they devote their efforts to that task. They seem to be careful about expending their resources on projects that do not contribute to this goal. Encrypting notebooks might help you in terms of storing things more securely (if you see Evernote as a virtual safe), but because it is not indexed, it won't help you to remember anything, and it certainly won't make you smarter (the goal of an external brain).

Don't get me wrong. I have requested encrypted notebooks as well! I would like to see them. Ultimately, however, Evernote has to decide how best to allocate resources, and while it may come someday, I certainly do not see it as priority #1. As BNF said, you already have tools at hand to encrypt everything as well as Evernote possibly could, so it really comes down to convenience, and I can think of a whole host of other features that I would put ahead of this request (even though, as I said, I would like to see it).

Anyhow, as users I think it is our role to suggest features and make the argument for our use cases. It's Evernote's job, though, to decide if features would be in its best interest, and to work out the best timeline for implementing them.

Link to comment
  • Level 5*

It is great that you don't think it is possible (or think it is needed) but the request stands - hopefully someone who actually works for the company reads these forums!

They do & this is just one of their comments regarding encryption.

http://discussion.ev...8994#entry48994

LOL. I could have just linked to that post. The last line really says it all. Again, I think Evernote's position may well evolve over time, but I can understand why they have not prioritized this feature, even though I would like it :)

Link to comment
  • 4 weeks later...

Having confirmed that two different text snippets can have two different passphrases, several more questions arise:

  1. Is there a practical limit to the number of different passphrases you can have in one note? One notebook? One account?
  2. I assume the normal "secure password" conventions also apply here-- things like length, upper/lower/numbers/symbols, don't use your cat's name, etc... true?
  3. Suppose I put acct. #s in a note and don't encrypt them. They get synced to EN servers. A few minutes later I apply encryption. Since I assume EN is using some kind of journaling file system on their servers, that means the clear copy of my acct #s is still there, it just won't sync back to me, someone else, etc.
    • How long does the clear copy stay on the EN servers?
    • Is there a situation where the clear copy would be restored instead of the encrypted copy?

  4. Since EN itself requires visibility into our data (for the FT indexes), that means that if EN is ever hacked, hackers will have everything that's available in clear text. Will they also have earlier snapshots of the file system (see previous question)?

The point of the last question is to better understand what it means to realize that something in EN should have been encrypted right away, but for some reason, was not.

Thanks!

Link to comment
  • 2 weeks later...
  • Level 5

Encryption kills Evernote's ability to index information.

Video on Evernote encryption

Overview of Evernote encryption

https://support.evernote.com/ics/support/KBAnswer.asp?questionID=549&hitOffset=130+87+75+73+46+36+28+15+9+3&docID=23768

Type of Evernote encryption

https://support.evernote.com/ics/support/KBAnswer.asp?questionID=1652&hitOffset=229+222+219+181+162+146+73+29+10+4&docID=23797

Lots of additional encryption information on this forum - just use the search feature to get up to speed.

Link to comment

Encryption kills Evernote's ability to index information.

Video on Evernote encryption

Overview of Evernote encryption

https://support.ever...9 3&docID=23768

Type of Evernote encryption

https://support.ever...0 4&docID=23797

Lots of additional encryption information on this forum - just use the search feature to get up to speed.

>>Encryption kills Evernote's ability to index information.<<

But I would be more than happy to forgo indexing capability of these documents to have encrypting at the "entire note level." In this instance, I am moving product support documents that contain screen images. The documents are currently encrypted at my skydrive. It's a real wrinkle in my 'move to en plans' that these documents cannot be encrypted. Any suggestions? Thanks.

Link to comment
  • Level 5

But I would be more than happy to forgo indexing capability of these documents to have encrypting at the "entire note level." In this instance, I am moving product support documents that contain screen images. The documents are currently encrypted at my skydrive. It's a real wrinkle in my 'move to en plans' that these documents cannot be encrypted. Any suggestions? Thanks.

Sure, Just put all your notes into non-synchronized notebooks.

The information is never sent to the cloud or your mobile devices and stays on your local Windows or Mac computer.

And to get extra security, encrypt the entire database with Truecrypt.

Again, search the forum for more details.

Link to comment

But I would be more than happy to forgo indexing capability of these documents to have encrypting at the "entire note level." In this instance, I am moving product support documents that contain screen images. The documents are currently encrypted at my skydrive. It's a real wrinkle in my 'move to en plans' that these documents cannot be encrypted. Any suggestions? Thanks.

If you want them in the cloud, I would suggest using encrypted PDFs. Alternatively, a true backup service like Jungledisk.

Link to comment
  • Level 5

Curious. Over 90% of my notes are all text. If your note doesn't contain any graphics what will OCR get you? Users should be able to have the choice to encrypt notebooks/notes and even stacks to keep prying eyes from sensitive data. I'm working on a solution to this.

Users do have the choice to encrypt. If the basic Evernote encryption technique is not strong enough, then use something more advanced like TrueCrypt.

Expanding on your slippery slope logic:

Users should have the choice to use advanced layering Photoshop techniques to the photos stored in Evernote.

Users should have the choice to use advanced automatic promoting and demoting to basic outlines stored in Evernote.

Users should have the choice to use multi-language translating to text stored in Evernote.

The result? Evernote Bloatware.

Link to comment

Here's another request, ladies and gentlemen.

It really amazes me when people claiming to be tech-savvy and intelligent take such an ostrich-head-in-the-sand position. Let me sum it up for them so-called "Evangelists" (what a pretentious name, BTW, with all due respect; someone in Marketing deserves a bonus for making Evernote look like a religion!):

1. Evernote is pretty secure, although the data is unencrypted.

2. Despite this claimed security, storing sensitive info on Evernote is counter-indicated, and we ourselves use additional security for sensitive data.

3. However, users are themselves responsible for their usage of Evernote, so we will not advise them of lack of server-side encryption - this might result in small revenues!

4. We will, however, continue advertising Evernote as a place for any and all information our users have.

5. Adding note\notebook\DB encryption is such a hassle, there are export limitations, and who cares that Dropbox et al have managed to somehow solve this problem! Better spend the income on pay raises than security for our customers.

6. If your data gets stolen, it will most likely get stolen by a person having access to your device, rendering Evernote DB encryption pointless.

7. Anybody who is claiming that the above is not a sane position is an "Evangelist-basher" (another priceless term here).

Now, it's all pretty self-evident, so I won't dwell upon it. I'd only like to comment on (6) above: having time-limited viewing capability of secured notes\notebooks would very much reduce the risk of compromising sensitive information almost to zero. I.e. the user enters the password to see the note, which stays visible in its unencrypted form only until the user-specified countdown has been reached, or the user switches to another note\notebook, or the device enters sleep mode; to view the note\notebook again, user will have to re-enter the password. This may be used as an additional (optional) security measure, separate and independent from the complete server-side DB encryption.

Lack of notebook\note encryption (as opposed to implemented note-text encryption) is a serious drawback. Right now, that means that I will continue storing my truly sensitive data on a DropBox drive in a BoxCryptor container, and less sensitive data on DropBox. This is far more convenient than encrypting every separate PDF file and archiving all inherently non-encryptable formats into password-protected zips\rars. Thus, I will not be needing a paid Evernote account, now ain't that a daisy?

The way I see it, there are several possibilities for this situation to develop:

1. Due to the small numbers of security-conscious people, things stay as they are. People who don't want to encrypt files individually keep using dropbox, boxcryptor, TC. Other people store everything in Evernote. Nothing bad happens, everyone is happy.

2. Same as above, but one day, Evernote-stored data is compromised, and "Evangelists" have to tell all the users "it was your own fault, we have no responsibility over what you do with the tools we provide". Users do not like that, even if judges might agree.

3. As more and more people learn to appreciate the ease of use Evernote offers in accessing fragmented data, more tech-savvy, security-conscious people confront the limitation and request this feature. Under the pressure, Evernote devteam\management includes this functionality in the next century.

Link to comment
  • Level 5*
It really amazes me when people claiming to be tech-savvy and intelligent take such an ostrich-head-in-the-sand position. Let me sum it up for them so-called "Evangelists" (what a pretentious name, BTW, with all due respect; someone in Marketing deserves a bonus for making Evernote look like a religion!):

and

"Evangelists" have to tell all the users "it was your own fault, we have no responsibility over what you do with the tools we provide".

Just a minor correction -- you seem to be under the impression that we Evangelists are employees. We're not; we're volunteers. We don't write the code, we don't design functionality, we don't provide the tools. We just use them, as they exist in reality, not in the wish-world. I wouldn't have chosen the term myself, but its use as a designator of "enthusiast so as to make a product more attractive" predates Evernote usage by a fair number of years, and the "Ev-" stem was probably why Ev-ernote chose it. Of course, Shakespeare had this all figured out long ago ("that which we call a rose" etc.) -- the actual term used doesn't matter as much as the function. We are here to respond to customers, in whatever way we deem suitable, but hopefully constructively. We generally are not here to apologize for Evernote's policies, though we will try to explain them as best we are familiar -- the understanding being that Evernote is responsible for making feature decisions, as it's their company to make succeed or fail.

That being said, what's being requested here is all fair game and it's all been said before; it's up to Evernote to decide whether or not to implement it, and if so, how. About the best we can do here is be open about what works and what doesn't in the current implementation, and maybe why, if we can shed some light.

Link to comment

It's my favourite post of the week and it's only Tuesday!

Yup. Nothing new to see here. ("Asked & answered.")

And it's been a while since we've had any Evangelist bashing, so I guess it was time. Guess I should dust off that target on my back.

(BNF goes off to find a microfiber cloth...)

Link to comment

About the best we can do here is be open about what works and what doesn't in the current implementation, and maybe why, if we can shed some light.

And, IMO, that's pretty much what we (EE's) do & regularly get bashed for it. ("Taking sides.") Yet when someone has a real problem (phone/laptop with EN installed was stolen, how to backup, need to restore from a backup, etc) ...the people who often are the "first responders" are the Evangelists. Certainly none of the people who bash the evangelists. Funny that.

Link to comment
  • Level 5*

Here's another request, ladies and gentlemen.

It really amazes me when people claiming to be tech-savvy and intelligent take such an ostrich-head-in-the-sand position. Let me sum it up for them so-called "Evangelists" (what a pretentious name, BTW, with all due respect; someone in Marketing deserves a bonus for making Evernote look like a religion!):

1. Evernote is pretty secure, although the data is unencrypted.

2. Despite this claimed security, storing sensitive info on Evernote is counter-indicated, and we ourselves use additional security for sensitive data.

3. However, users are themselves responsible for their usage of Evernote, so we will not advise them of lack of server-side encryption - this might result in small revenues!

4. We will, however, continue advertising Evernote as a place for any and all information our users have.

5. Adding note\notebook\DB encryption is such a hassle, there are export limitations, and who cares that Dropbox et al have managed to somehow solve this problem! Better spend the income on pay raises than security for our customers.

6. If your data gets stolen, it will most likely get stolen by a person having access to your device, rendering Evernote DB encryption pointless.

7. Anybody who is claiming that the above is not a sane position is an "Evangelist-basher" (another priceless term here).

Now, it's all pretty self-evident, so I won't dwell upon it. I'd only like to comment on (6) above: having time-limited viewing capability of secured notes\notebooks would very much reduce the risk of compromising sensitive information almost to zero. I.e. the user enters the password to see the note, which stays visible in its unencrypted form only until the user-specified countdown has been reached, or the user switches to another note\notebook, or the device enters sleep mode; to view the note\notebook again, user will have to re-enter the password. This may be used as an additional (optional) security measure, separate and independent from the complete server-side DB encryption.

Lack of notebook\note encryption (as opposed to implemented note-text encryption) is a serious drawback. Right now, that means that I will continue storing my truly sensitive data on a DropBox drive in a BoxCryptor container, and less sensitive data on DropBox. This is far more convenient than encrypting every separate PDF file and archiving all inherently non-encryptable formats into password-protected zips\rars. Thus, I will not be needing a paid Evernote account, now ain't that a daisy?

The way I see it, there are several possibilities for this situation to develop:

1. Due to the small numbers of security-conscious people, things stay as they are. People who don't want to encrypt files individually keep using dropbox, boxcryptor, TC. Other people store everything in Evernote. Nothing bad happens, everyone is happy.

2. Same as above, but one day, Evernote-stored data is compromised, and "Evangelists" have to tell all the users "it was your own fault, we have no responsibility over what you do with the tools we provide". Users do not like that, even if judges might agree.

3. As more and more people learn to appreciate the ease of use Evernote offers in accessing fragmented data, more tech-savvy, security-conscious people confront the limitation and request this feature. Under the pressure, Evernote devteam\management includes this functionality in the next century.

Hi. Thanks for the post. I think it is worth responding to the negative view you take of Evangelists here, because I think there is misinformation / misunderstanding. I hope you will go through the threads linked below and read some of the posts on the forums before unfairly attacking volunteers (the Evangelists) who give up their time to help out other users out of a desire to contribute to the community and support a product they find useful. They are not so evil and ignorant as your post makes them out to be (in my somewhat biased opinion).

(1) I am one of the people asking for encrypted notebooks (http://discussion.ev...on/#entry152066), so I guess there are Evangelists who share your desire for the feature.

(2) I don't work at Evernote and have no influence whatsoever on their development policies, so I can only discuss what Evernote staff have said on the topic (http://discussion.ev...ks-and-syncing/ http://discussion.ev...pted-notebooks/ http://discussion.ev...ook-encryption/ ), what I think about it, and what I think users can do to deal with the product that is, not the product that isn't.

Personally, I would like to see lots of features, but I understand why Evernote hasn't, and probably will not implement some of them. That is their prerogative, and I figure that if they can take the business from 0 to 40 million in just four years, then they must be doing something right! The best thing we can do as users is to suggest features by talking about the problems (our use cases) and why we think X is the best solution. Why do you want encrypted notebooks? Evernote staff read this forum regularly, so it is quite likely they will see your post. They may not agree, but I can assure you that they are listening.

Link to comment
  • 2 weeks later...

Having read and understood the logic that has been given for not offering encryption as part of the Evernote solution, my feedback as a customer and constant user of Evernote is that this is a very important feature that would make the difference between offering a solution for storing non-confidential information to storing everything. As a customer, a solution that could securely keep cloud and local copies of everything would be absolutely invaluable. ("Everything" includes all those documents that people don't want to use : financial, banking, passports, passwords, legal documents related to assets like houses, immigration documentation, ... the list goes on and on). How many people have this stuff backed-up and stored in multiple locations?

Suggestions that the customer should take care of this are just nonsense. To enable Evernote to work for Everything, encryption would be needed on the server side, on the local client offline storage, and on every supported device. Perhaps there are a few genius users who could figure this out for themselves using open source projects, perhaps not. It doesn't matter. The point of Evernote is that it is easy. Only an integrated, secure solution offered by Evernote would enable Evernote's target customers to "Capture Everything" and "Access Anywhere".

I have understood that encryption would get in the way of the "Find Things Fast" notion. But that is not an excuse to drop the "Capture Everything" proposition. My suggestion : offer built-in encryption. To help index and search work well, allow the tags to be non-encrypted. Or more generally, my request would be "you guys are smart, figure this out".

I don't believe that in the long term there is a defensible position that Evernote can take without offering information security. At some point some upstart will come up with something similar with better security. And at that point, customers are not going to use two solutions, one for confidential and the other for non-confidential information.

Just do it.

Link to comment
  • 2 weeks later...

This overall feature request (more encryption options) seems like it's long-standing and persistent. Given that there is already encryption of text-blocks within individual notes, adding further encryption options for other object types (images, documents, etc.) would seem relatively easy. Yes, encrypting a picture or document would prevent OCR and indexing, just as it breaks indexing for encrypted text blocks today. I think users are willing to suffer that limitation, as it follows directly from the behavior they are requesting: if we encrypt something for you, we can't read it and therefore can't index it. Further, since I can manually create a note that consists of a degenerate case of nothing but encrypted text, it would seem that Evernote could save me the trouble and do that for me with a checkbox or something at the note level, encrypting all the body text and all embedded objects (pictures, documents, etc.). Again, yes, that would defeat indexing of all the objects in that note. The note metadata (title, tags, etc.) would still be indexable, however. Given that behavior, it would then seem relatively easy to create a notebook that auto-encrypted all contained notes in such a manner.

I can understand resistance to encrypting metadata, as that would seem to be fundamental to Evernote's storage system. But obviously body text is not since Evernote already encrypts this. It's relatively easy for me as a user to avoid putting confidential information in metadata. It's significantly harder for me to do that in note bodies.

Now, as for the persistent objections to this from the Evernote evangelists, and I presume from Evernote staff, they just don't wash, IMO. To put it bluntly, they sound like excuses. Limitations based on behavior are acceptable to users. I'm willing to give up indexing of encrypted information. That's fine. Evernote still provides huge value in delivering an ever-present, multi-platform information repository with some organization features. If the ability to search on metadata (title, tags, etc.) is still present, that's enough to find a lot of things.

Can I use another product to perform all the encryption? Yes, of course. Would it be as integrated and convenient? No. Would it be cross-platform, on my mobile devices, too? Maybe. I can also use a different product from Evernote entirely, which suggests that maybe there is a market there to develop a competing Evernote alternative that produces such a solution and which listens and responds to persistent feature requests.

I know that this post is likely to trigger a, "Fine, go ahead and choose another alternative to Evernote because we just don't do that." Let me suggest that such an attitude will eventually be counter-productive to Evernote's corporate growth goals. Maybe not this month or next month, but in time. Which would be sad because Evernote is a great product with a lot of promise. But it is far from perfect and those who work on it and shepherd its direction should be fully aware of its limitations and the desires of its user-base. It should be common sense that responding to persistent, loud, and *reasonable* feature requests with defensiveness, excuses, and sometimes hostility would be a bad thing, but I guess common sense isn't so common.

Link to comment
  • Level 5*

This overall feature request (more encryption options) seems like it's long-standing and persistent. Given that there is already encryption of text-blocks within individual notes, adding further encryption options for other object types (images, documents, etc.) would seem relatively easy. Yes, encrypting a picture or document would prevent OCR and indexing, just as it breaks indexing for encrypted text blocks today. I think users are willing to suffer that limitation, as it follows directly from the behavior they are requesting: if we encrypt something for you, we can't read it and therefore can't index it. Further, since I can manually create a note that consists of a degenerate case of nothing but encrypted text, it would seem that Evernote could save me the trouble and do that for me with a checkbox or something at the note level, encrypting all the body text and all embedded objects (pictures, documents, etc.). Again, yes, that would defeat indexing of all the objects in that note. The note metadata (title, tags, etc.) would still be indexable, however. Given that behavior, it would then seem relatively easy to create a notebook that auto-encrypted all contained notes in such a manner.

I can understand resistance to encrypting metadata, as that would seem to be fundamental to Evernote's storage system. But obviously body text is not since Evernote already encrypts this. It's relatively easy for me as a user to avoid putting confidential information in metadata. It's significantly harder for me to do that in note bodies.

Now, as for the persistent objections to this from the Evernote evangelists, and I presume from Evernote staff, they just don't wash, IMO. To put it bluntly, they sound like excuses. Limitations based on behavior are acceptable to users. I'm willing to give up indexing of encrypted information. That's fine. Evernote still provides huge value in delivering an ever-present, multi-platform information repository with some organization features. If the ability to search on metadata (title, tags, etc.) is still present, that's enough to find a lot of things.

Can I use another product to perform all the encryption? Yes, of course. Would it be as integrated and convenient? No. Would it be cross-platform, on my mobile devices, too? Maybe. I can also use a different product from Evernote entirely, which suggests that maybe there is a market there to develop a competing Evernote alternative that produces such a solution and which listens and responds to persistent feature requests.

I know that this post is likely to trigger a, "Fine, go ahead and choose another alternative to Evernote because we just don't do that." Let me suggest that such an attitude will eventually be counter-productive to Evernote's corporate growth goals. Maybe not this month or next month, but in time. Which would be sad because Evernote is a great product with a lot of promise. But it is far from perfect and those who work on it and shepherd its direction should be fully aware of its limitations and the desires of its user-base. It should be common sense that responding to persistent, loud, and *reasonable* feature requests with defensiveness, excuses, and sometimes hostility would be a bad thing, but I guess common sense isn't so common.

Hi. Welcome to the forums.

I think you paint the Evangelists with too broad a brush. As I said above in this thread, I would like to see the feature as well (http://discussion.evernote.com/topic/20321-request-selective-notebook-encryption/#entry152073), so I guess we are on the same page after all.

A lot of things that look simple, aren't. And, a lot of things I want, Evernote developers do not agree are priorities. That's cool. I think that is just how things work for any application, no matter how soft / loud reasonable feature requests are. With clients on all major operating systems, 40 million + users, and users all over the world, they have a lot to consider every time they make even a minor change. I haven't seen any of the Evernote developers show hostility on the forums with regard to this request, though. Perhaps you are painting them with too broad a brush as well?

As it stands now, Evernote encourages users to encrypt sensitive data before uploading and provides minimal encryption features for text, so I think the Evangelists (users like yourself) are trying to both interpret Evernote's thinking and suggest solutions based on their experience. I doubt any one of the Evangelists would say you shouldn't suggest a feature.

Link to comment

Archived

This topic is now archived and is closed to further replies.

