Jump to content

(Archived) can other people see my evernotes?


Recommended Posts

  • Level 5

As Jeff said, only if you share them with others.

To do this: Right click on the note title and choose a "share" Option.

If you don't share (and protect your password) nobody can see your notes.

Link to comment

Out of interest, do any established Evernote users encrypt any notes or files they upload?

I encrypt or password-protect word processor/spreadsheet documents & PDFs that contain personal details before I upload them, and I encrypt text notes with personal details in Evernote after I enter them but I wonder if this is necessary (and, yes, I have read the Knowledge Base entries on security before anyone asks :P).

Link to comment
  • Level 5

Out of interest, do any established Evernote users encrypt any notes or files they upload?

Evernote does not support 3rd party encryption. Plus, if you encrypt, you will lose the Evernote OCR capability, plus you will not be able view any of your information on other platforms such as smartphones, tablets, other computers, or even the Evernote web.

Encryption will help protect your local client in case someone steals your computer.

(and, yes, I have read the Knowledge Base entries on security before anyone asks :P).

You will have more success if you search this user forum for encryption solutions.

Link to comment
  • Level 5*

Out of interest, do any established Evernote users encrypt any notes or files they upload?

If you encrypt, you will lose the Evernote OCR capability, plus you will not be able view any of your information on other platforms such as smartphones, tablets, other computers, or even the Evernote web.

Encryption will help protect your local client in case someone steals your computer.

Not quite correct, I'm afraid. If you encrypt a PDF with 128-bit encryption, you ought to be able to open it just fine on the iPad (last time I tried) and other computers. If you want to step up to 256-bit encryption, though, you'll run into all kinds of headaches on the iPad. Only the Adobe Acrobat Reader app can handle that (last time I checked), and I don't think you'll be able to "open in" the app from Evernote, becasue the 256-bit PDF will crash Evernote (last time I checked). Things change all the time, so I recommend testing this out for yourself before "mission critical" tasks.

jbenson2 points to another problem here with his comments. Encryption can introduce obstacles into your workflow, and it is a good idea to ask yourself if it is really worth putting the file onto the cloud in the first place. There might be a lot of things that are, but there will surely be other things that could just as soon hang out on your local drive and wait to be seen until you get home :)

Link to comment
  • Level 5

GrumpMonkey is correct. I assumed the request pertained to full data encryption using something like TrueCrypt.

But after reading the post again, I see it was limited to just attachments. Individual attachments can be encrypted with a 3rd party program.

Thanks for the tip/warning on 256-bit encryption.

Link to comment

Thanks for the responses, both. I can open my encrypted PDFs on my Android phone, by the way.

It's interesting - a lot of users say that they scan receipts, say, and bung them into Evernote for easy reference and access. But a lot of my receipts will have my home address and/or email on, especially for online purchases. So I'm reluctant to put them into the cloud without at least password protection.

I don't use TrueCrypt but I do use Evernote's built in text encryption and password protection/encryption of PDFs and Pages documents. I also have a few FileVaults on my Mac for sensitive stuff that isn't going into the cloud.

But am I being over-cautious in Evernote? As you say, searching is kyboshed with encryption in Evernote which defeats the purpose of "storage and easy access" somewhat.

Link to comment
  • Level 5*

GrumpMonkey is correct. I assumed the request pertained to full data encryption using something like TrueCrypt.

But after reading the post again, I see it was limited to just attachments. Individual attachments can be encrypted with a 3rd party program.

Thanks for the tip/warning on 256-bit encryption.

No worries. Personally, I think Evernote (and most of the other app developers out there) need to re-commit to that outdated thing we call a manual. These kinds of little details can be devastating, like when you encrypt a copy of your passport and other travel documents, load it online for a trip, and discover while traveling that everything is completely inaccessible. It crashes everything on your iPad. This is most definitely not meant to single Evernote out, because no one mentions this, and you know Apple won't bother to tell you abou this either. *sigh* I'll end my rant by recommending that everyone test workflows in the wild before committing to them. I think this is more generally applicable. I suppose, as a technical writer and translator, I have a bit more passion about this stuff than others :)

As for other types of encryption, there are all sorts of things to talk about there, and it would be good for users to know! One simple solution for the mobile platforms is a remote login service like Logmein that will enable you to access things through your computer. In the case of that nasty 256-bit encryption trick, you could always swipe your screen, go into Logmein, and open it up in Evernote on your home computer. The lesson here? I recommend having functional redundancy (buy two or more PDF readers, for example). On the computer, you don't have to think so much about this stuff, but on mobile, it pays to prepare these alternatives.

Link to comment

I'll end my rant by recommending that everyone test workflows in the wild before committing to them.

I think that's the real issue b/c even if some Current/up-to-date manual says something should work, technology is changing so quickly that what's true today may not be true tomorrow. Plus, there are so many variables like country, carrier, device, OS version, app version, etc.

One simple solution for the mobile platforms is a remote login service like Logmein that will enable you to access things through your computer. In the case of that nasty 256-bit encryption trick, you could always swipe your screen, go into Logmein, and open it up in Evernote on your home computer. The lesson here? I recommend having functional redundancy (buy two or more PDF readers, for example). On the computer, you don't have to think so much about this stuff, but on mobile, it pays to prepare these alternatives.

Absolutely agree! Especially when it comes to mission critical stuff like passports.

Link to comment
  • Level 5*

I think that's the real issue b/c even if some Current/up-to-date manual says something should work, technology is changing so quickly that what's true today may not be true tomorrow. Plus, there are so many variables like country, carrier, device, OS version, app version, etc.

Indeed. I made my living for a long while translating these manuals in order to deal with one variable: country. However, the obstacles are not so high as they appear. Evernote's basic features work exactly the same in every country, and for the exceptions (video notes for Android on one carrier in Japan) an asterisk and explanation in Japanese on the Japanese site would be sufficient. I think we'll have to agree to disagree about the feasability of such a project. I would link to my post last year about crowdsourcing an Evernote manual with a wiki, but that might be something to talk about at a later date :)

Link to comment

So the bottom line is that other people are not supposed to be able to see your notes, but the only thing preventing them from doing so is your faith in Evernote, Inc. (Given the problems with Skitch, Evernote 5, and ongoing issues syncing photos it's up to you to decide if that faith is well-placed.)

Link to comment

So the bottom line is that other people are not supposed to be able to see your notes, but the only thing preventing them from doing so is your faith in Evernote, Inc. (Given the problems with Skitch, Evernote 5, and ongoing issues syncing photos it's up to you to decide if that faith is well-placed.)

First, the issues (AFAIK) with EN5, Skitch is not one of security. They are mostly UI and (IME) most (maybe not all but most) sync'ing "issues" are b/c a user doesn't sync changes up from one device, then down to another device before making changes.

Second, isn't all we have in any cloud company our faith (which is hopefully based upon research as to the company's reliability)? Check out this problem Dropbox had last year: https://blog.dropbox...tication-bug/��

But IMO, any reputable company will take great pains to prevent any security issues. Based upon their posts/blog posts/podcasts where security is discussed, I'm confident they take the security of their users' data very seriously.

Link to comment

The issues with Skitch, EN5, etc are indicative of the care and QA ability that Evernote provides. The best way to judge a company is by their actions. And Evernote's recent actions don't engender faith, in my opinion.

This forum has plenty of people having server-side sync errors. Particularly with notes containing photos. This is not user error as you stated, the problem is on the Evernote servers. Again, indicative of overall QA and customer concern.

But most importantly, if your data is not encrypted than your information is vulnerable. Period. Without encryption there is no failsafe. So again, all you have is faith.

Clearly you have a lot of faith. But let's just agree that other customers might have reasons to be more skeptical than you are. And certainly every customer should know there data is not stored in a protected form. There's no good in trying to obfuscate that point.

Link to comment

The issues with Skitch, EN5, etc are indicative of the care and QA ability that Evernote provides. The best way to judge a company is by their actions. And Evernote's recent actions don't engender faith, in my opinion.

Personally, I see these as two entirely different issues. For one thing UI is subjective. I may like red & you like green. (shrug) But if you can see my notes when I have not extended permission to you, then that's a breach, regardless if they are red or green. But if you feel uncomfortable with the company as a whole, that's your choice & right as a user (or non/former user). You should make any changes you feel are necessary on your end b/c of that & you would be foolish not to.

And certainly every customer should know there data is not stored in a protected form. There's no good in trying to obfuscate that point.

Evernote indeed protects their users' data. Perhaps you are confusing 'protected' with 'encrypted'? If so, EN has NEVER claimed the data on the servers is encrypted. They have been VERY clear that it is not encrypted on their servers (as far back as 2008, when the service was in it's infancy) as well as the reasons why. (Because if it's encrypted & they don't have access to the encryption password, they can't index your notes. And "true" encryption means the host does not have access to the encryption password.)

http://www.evernote....58715c17dcb1ece

http://www.evernote....c4d066382a91152

http://www.evernote....173d1e5462c7a45

Link to comment

I'm not confusing anything, you're trying to soft peddle the situation. The data is not encrypted, thus it is not stored in a protected form. You're right that Evernote does not claim otherwise, and never has. So when someone asks if there is a possibility that others will have access to their data (which happened in this very thread) my answer is 100% correct: Other users are not supposed to have access to your data, but if there is a bug or security breach, then yes your notes are readable by others.

Link to comment

I'm not confusing anything, you're trying to soft peddle the situation. The data is not encrypted, thus it is not stored in a protected form. You're right that Evernote does not claim otherwise, and never has. So when someone asks if there is a possibility that others will have access to their data (which happened in this very thread) my answer is 100% correct: Other users are not supposed to have access to your data, but if there is a bug or security breach, then yes your notes are readable by others.

OP was asking in the sense that "are notes automatically public?" But sure, any servers are susceptible to hackers, including your bank & credit card companies. I doubt any company will claim they are unhackable & AFAIK, that's not the discussion here.

Link to comment

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...