Jump to content

What External/3rd-Party Network/Internet Resources Are Needed by Evernote


ariver

Recommended Posts

Hello,

I noticed that the EN App on OS X (El Capitan) tries to access resources related to notes I'm opening.

I tried to search for this issue, and it seems to have been brought up a number of times. (I'm yet-another-little-snitch-user.)

Here's the most relevant I found:

 

(And, yes, I'm aware of the implications of EN app using webkit. {are you still?})

My question is, what resources are needed by EN for functionality.
I want explicitly allow what is needed and block all other access.

For this, I have the following reasons.

  1. These requests are often not secure and also divulge information about the contents of my notes to whatever network I'm on.
    1. I shouldn't have to disable networking on my device to feel safe opening a note that is supposedly fully synced for offline use.
  2. These resource requests use bandwidth I may not realize I have to allocate towards EN use.
  3. I want to know what I have actually been able to capture as a note.
    1. In the past, I thought oddities in clipped pages were just lack of javascript or some other funkiness.
    2. It should be left up to me, the user, to determine if it's ok to clip the contents of a page.
    3. Now I have to add another step to each important clip I make; opening the note to make sure it captured what I intended.

As a note, I am currently allowing/blocking requests from EN on OSX in this manner:

allow  domain evernote.com                443
allow  ssl-google-analytics.l.google.com  443
deny   c.tiles.mapbox.com                 80
deny   any                                443
deny   any                                80
#deny  any                                any # Not yet

I don't have a problem with your use of G:analytics to analyze app usage, though I'm not confident you're only allowing it for your own app.

Also, I don't see any reason for you to be using unencrypted access to (c.tiles.mapbox.com). They have a secure endpoint also.

Thanks for your time and a great product and service! :D

-- 
Aaron
-- 

Link to comment

I was hoping to make the information available to the many other users of EN that would like to properly exercise more control over their network usage.

My understanding was that EN employees also contribute to the forums. :D

Link to comment
  • Level 5*

Evernote don't (usually) respond to specific queries in the Forums,  but an employee will get around to reading this in due course.  Nothing to stop you raising the support request and then posting the responses...  :)

Link to comment
  • 1 month later...

Ok.

Got to talk to a very nice Evernote developer. :D

For primary Evernote functionality, the app should only need to contact Evernote domains, Google Analytics, and Mapbox Tiles.

(I leave GA allowed because I want Evernote to get usage data in order to improve the app/service.)

(I only allow mapbox when connected to a trusted network, but I don't use Atlas much, so I could just block it.)

Any connection attempts outside of that are to fill the gaps in captured pages where resources could not be stored in the note.

allow  domain evernote.com                443
allow  ssl-google-analytics.l.google.com  443
deny   c.tiles.mapbox.com                 80
deny   any                                443
deny   any                                80
Link to comment

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...