ariver 2 Posted August 24, 2016 Share Posted August 24, 2016 Hello, I noticed that the EN App on OS X (El Capitan) tries to access resources related to notes I'm opening. I tried to search for this issue, and it seems to have been brought up a number of times. (I'm yet-another-little-snitch-user.) Here's the most relevant I found: (And, yes, I'm aware of the implications of EN app using webkit. {are you still?}) My question is, what resources are needed by EN for functionality. I want explicitly allow what is needed and block all other access. For this, I have the following reasons. These requests are often not secure and also divulge information about the contents of my notes to whatever network I'm on. I shouldn't have to disable networking on my device to feel safe opening a note that is supposedly fully synced for offline use. These resource requests use bandwidth I may not realize I have to allocate towards EN use. I want to know what I have actually been able to capture as a note. In the past, I thought oddities in clipped pages were just lack of javascript or some other funkiness. It should be left up to me, the user, to determine if it's ok to clip the contents of a page. Now I have to add another step to each important clip I make; opening the note to make sure it captured what I intended. As a note, I am currently allowing/blocking requests from EN on OSX in this manner: allow domain evernote.com 443 allow ssl-google-analytics.l.google.com 443 deny c.tiles.mapbox.com 80 deny any 443 deny any 80 #deny any any # Not yet I don't have a problem with your use of G:analytics to analyze app usage, though I'm not confident you're only allowing it for your own app. Also, I don't see any reason for you to be using unencrypted access to (c.tiles.mapbox.com). They have a secure endpoint also. Thanks for your time and a great product and service! -- Aaron -- Link to comment
Level 5* gazumped 11,524 Posted August 24, 2016 Level 5* Share Posted August 24, 2016 Hi. You're getting to fellow users here in the forums and this question is a bit above our (unpaid)pay grade - well it is mine, anyway. I'd recommend you contact support for a definitive answer on this, Link to comment
ariver 2 Posted August 24, 2016 Author Share Posted August 24, 2016 I was hoping to make the information available to the many other users of EN that would like to properly exercise more control over their network usage. My understanding was that EN employees also contribute to the forums. Link to comment
Level 5* gazumped 11,524 Posted August 24, 2016 Level 5* Share Posted August 24, 2016 Evernote don't (usually) respond to specific queries in the Forums, but an employee will get around to reading this in due course. Nothing to stop you raising the support request and then posting the responses... Link to comment
ariver 2 Posted August 24, 2016 Author Share Posted August 24, 2016 Chatting with them right now. Thanks @gazumped! Link to comment
Nick L. 681 Posted August 26, 2016 Share Posted August 26, 2016 Support won't be able to answer your question because this is geared more towards development and why such decisions are put in place. Please post your question in the Evernote developer forum. Link to comment
ariver 2 Posted August 26, 2016 Author Share Posted August 26, 2016 Ah, ok! Thanks, @nicolml! Will do.. Link to comment
ariver 2 Posted October 5, 2016 Author Share Posted October 5, 2016 Well, @nicolml, they didn't like me over in SO.evernote. I've submitted a new support ticket: 1851859 Link to comment
ariver 2 Posted October 10, 2016 Author Share Posted October 10, 2016 Ok. Got to talk to a very nice Evernote developer. For primary Evernote functionality, the app should only need to contact Evernote domains, Google Analytics, and Mapbox Tiles. (I leave GA allowed because I want Evernote to get usage data in order to improve the app/service.) (I only allow mapbox when connected to a trusted network, but I don't use Atlas much, so I could just block it.) Any connection attempts outside of that are to fill the gaps in captured pages where resources could not be stored in the note. allow domain evernote.com 443 allow ssl-google-analytics.l.google.com 443 deny c.tiles.mapbox.com 80 deny any 443 deny any 80 Link to comment
Recommended Posts
Archived
This topic is now archived and is closed to further replies.