
Evernote doesn't really care about security - mdp
http://markpercival.us/post/44391805072/evernote-doesnt-really-care-about-security
======
tptacek
The RC2 thing from the disclosure is really, really weird. It makes Evernote
the only app built in the last 10 years that I am aware of to build on RC2. I
wonder whether it's a mistake, and they're actually using RC4 with truncated
keys or something.

~~~
bitcartel
Confirmed here too.

[https://support.evernote.com/link/portal/16051/16058/Article...](https://support.evernote.com/link/portal/16051/16058/Article/1652/What-type-of-encryption-does-Evernote-use)

~~~
arete
"For Evernote's consumer product, the current encryption algorithms are chosen
more for exportability under the Commerce Department rather than strength,
since our software permits the encryption of arbitrary user data with no
escrow."

I guess Evernote's been around for a while, but wasn't it way back in 2010
that the BIS allowed simple self service registration and annual self
classification of almost all "mass market" use of crypto?

<http://www.bis.doc.gov/encryption/summary.htm>

~~~
jmspring
Addressing US regs doesn't necessarily mean you are compliant with assorted
international regs.

Crypto, export, and service availability can be tricky things.

~~~
cube13
International regulations are pretty insane. For example, France requires you
to submit your software to them for review that's supposed to take up to 2
weeks. This isn't just for product releases, it includes everything, including
patches.

Apple, MS and Google can get away with it because they have large legal teams
that help them with all the various rules and regulations. For smaller
companies, it's simply too massive to bother taking more than an off-the-shelf
solution.

~~~
coldtea
So, how come all sorts of small companies, from 1Password to Dropbox use
stronger encryption?

------
aschobel
Co-founder of Catch here, we are sometimes compared to Evernote but Catch is a
note-sharing and collaboration app.

1. Two-factor

We don't offer two factor but is something we are investigating. This is
mitigated somewhat by the fact that a lot of our users use Google login.

2. SSL / TLS

SSL shouldn't be a paid feature. It's been included in our product for free
since we launched.

We try to use SSL everywhere. All pages from catch.com are only available via
SSL, e.g. login, landing page, marketing, blog, etc.

There are a few exceptions like our Knowledge Base which is powered by Assistly
/ Desk:

<http://support.catch.com/>

3. Encryption

We don't offer note level encryption. We'd love to get some feedback on a
straightforward way to do key management.

4. HSTS

We've been using HSTS for at least a year now. It was an easy decision for us
since all content from catch.com is only available via SSL.

Security is hard and hopefully these breaches will raise the bar for
everybody.

~~~
rane
> Co-founder of Catch here, we are sometimes compared to Evernote but Catch is
> a note-sharing and collaboration app.

Would you say Catch has something to offer over Evernote for someone who uses
the latter for private & personal notes?

~~~
julianz
Evaluated them both for quite a while: No desktop client, no note formatting,
no embedded images. So no.

------
paulgb
> Give it a shot. Send someone a link to the non-SSL sign in and it won’t flip
> them over to SSL. It will also accept your credentials via non-SSL POST. So
> fire up SSLStrip and head down to your local coffee shop.

If you are in a position to execute a MITM, it doesn't matter whether they
flip people to HTTPS or not. If the site forced HTTPS you could still rewrite
the redirect and proxy the HTTPS to HTTP (the secure connection being between
your proxy server and Evernote's). Only strict transport security would solve
this, if the browser supports it and the user has accessed evernote before.
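The behaviour described in this comment, as an added illustration that is not part of the original thread: a toy model of a browser's HSTS policy store showing why a server-side HTTP-to-HTTPS redirect alone gives an on-path attacker nothing to defeat, while a remembered Strict-Transport-Security policy makes the browser upgrade the URL locally, but only on visits after the header has been seen once. The two sample responses and the hostname `notes.example.com` are constructed for the example.

```python
"""
Added illustration (not code from the original thread): a minimal model of
how a browser's HSTS policy list changes what happens to an http:// request.
"""
import re

# Constructed sample HTTPS responses modelling the two server behaviours
# discussed in the thread (hostnames are illustrative, not real).
REDIRECT_ONLY = (
    b"HTTP/1.1 301 Moved Permanently\r\n"
    b"Location: https://notes.example.com/login\r\n"
    b"Content-Length: 0\r\n\r\n"
)
WITH_HSTS = (
    b"HTTP/1.1 200 OK\r\n"
    b"Strict-Transport-Security: max-age=31536000; includeSubDomains\r\n"
    b"Content-Type: text/html\r\n\r\n"
    b"<html>login form</html>"
)


def parse_hsts(header_value):
    """Parse an HSTS header value into (max_age_seconds, include_subdomains).

    Returns None when the header is unusable (no valid max-age directive)."""
    max_age = None
    include_sub = False
    for directive in header_value.split(";"):
        name, _, value = directive.strip().partition("=")
        name = name.strip().lower()
        if name == "max-age":
            m = re.fullmatch(r'"?(\d+)"?', value.strip())
            if not m:
                return None
            max_age = int(m.group(1))
        elif name == "includesubdomains":
            include_sub = True
    if max_age is None:
        return None
    return max_age, include_sub


def hsts_header(raw_response):
    """Return the Strict-Transport-Security value of a raw HTTP response, or None."""
    head, _, _ = raw_response.partition(b"\r\n\r\n")
    for line in head.split(b"\r\n")[1:]:
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"strict-transport-security":
            return value.strip().decode("ascii", "replace")
    return None


class HstsStore:
    """Minimal model of a browser's in-memory HSTS policy list."""

    def __init__(self):
        self._policies = {}  # host -> (expires_at, include_subdomains)

    def observe(self, host, raw_https_response, now):
        """Record a policy if the HTTPS response carried a valid HSTS header."""
        value = hsts_header(raw_https_response)
        parsed = parse_hsts(value) if value else None
        if parsed is None:
            return False
        max_age, include_sub = parsed
        if max_age == 0:  # max-age=0 tells the browser to forget the host
            self._policies.pop(host, None)
        else:
            self._policies[host] = (now + max_age, include_sub)
        return True

    def upgrade_to_https(self, host, now):
        """True if the browser would rewrite http://host to https://host
        locally, before anything is sent on the wire."""
        labels = host.split(".")
        for i in range(len(labels)):
            policy = self._policies.get(".".join(labels[i:]))
            if policy is None:
                continue
            expires_at, include_sub = policy
            if now >= expires_at:
                continue
            if i == 0 or include_sub:  # exact host, or a parent with includeSubDomains
                return True
        return False


def simulate_first_and_repeat_visit(raw_https_response, host="notes.example.com"):
    """Return (upgraded_on_first_visit, upgraded_on_repeat_visit).

    The first http:// request always goes out in the clear because no policy
    is known yet; after one HTTPS visit the stored policy decides whether later
    http:// URLs are upgraded before leaving the browser."""
    store = HstsStore()
    t0 = 1_700_000_000
    first = store.upgrade_to_https(host, t0)
    store.observe(host, raw_https_response, t0)
    repeat = store.upgrade_to_https(host, t0 + 3600)
    return first, repeat


if __name__ == "__main__":
    print("redirect only:", simulate_first_and_repeat_visit(REDIRECT_ONLY))
    print("with HSTS:    ", simulate_first_and_repeat_visit(WITH_HSTS))
```

Running it prints `(False, False)` for the redirect-only server and `(False, True)` for the server sending HSTS: neither protects the very first visit, which is exactly the caveat the comment raises.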

~~~
mdp
Yeah, this is an entirely valid criticism. It was more of a nitpicky point
that they weren't flipping to HTTPS automatically, but from a practical
standpoint it's no more secure if they did since they lack HSTS.

Struck it from the post.

~~~
gingerlime
But when you struck it out, the first impression is that it's actually not a
problem, but in fact it's even a bigger problem. Right?

------
alex_anglin
While I love Evernote as much as anyone on Hacker News, Mark does make very
good points about the state of security within the application. It seems that
with respect to today's security breach that the company has done quite well
with their response. One can only hope that this focuses their development on
addressing these topics (i.e. encryption of notes is a joke) as much as it has
raised concerns about the security features they offer.

------
fiber
The point that the folks over at Evernote are really missing is that Joe
Average is using the very same credentials everywhere else, from their Gmail
to the Amazon accounts. If Evernote were sensible about security of their
users, they would have explained why it is indeed a bad and common practice to
use the same password everywhere, as it is a certain way to get your online
identity hijacked sooner rather than later by means of a breakin like this
one. It is good to know that passwords have been stored salted, but
nevertheless, eventually these credentials are now compromised and if Evernote
were sensible about this they would have told their users to reset their
password wherever they use the same one, which is probably lousy marketing
compared to "hey, we got your password stolen, but don't worry, it was
encrypted".

------
trekkin
Most consumers want convenience first, security second. Evernote just targets
the mass market.

~~~
epochwolf
For the data I store in Evernote I'm fine with this.

~~~
pknight
One would think there'd be proper competition because one of the major
motivators is going paperless... it's kind of odd that in 2013 there still
aren't a lot of easy to use solutions that can store sensitive documents
(bills, tax documents etc) that require a great level of privacy and security.

~~~
epochwolf
I use 1Password with dropbox sync for secure notes.

~~~
dasil003
I do too, but it doesn't fit the use case of going paperless. Ability to drop
in PDFs and OCR images in Evernote as well as handling large data sets are
essential features.

------
lucb1e
Only half the points are valid. SSL is a selling point, because it takes a lot
of work to set up completely. Lots of websites (including high-profile ones
like Outlook.com) have mixed content errors at one place or another, or appear
to but don't fully support SSL. The fact that they "used to" use it as a
selling point says enough too.

SSL signin should not be enforced. HTTP should give a big warning, but SSL is
not fully supported in all clients.

~~~
paulgb
Are there clients which support evernote but would not support SSL?

~~~
lucb1e
If not fully supporting https counts, then Windows XP is one. That still has a
rather big market share.

------
neya
Is there a way to download your Evernote data? Not to say that I find this an
opportunity to bash Evernote, but I am terribly disappointed that a service
that advertised you to keep really personal stuff, even your tax info on their
servers just got hacked.

I think I'm going back to creating .txt files on my desktop which no one else
has access to (physically and programmatically), which despite having no
encryption whatsoever is still more secure than having them on a third party
server that could get hacked like this, because they advertise one thing and
do exactly the opposite.

~~~
sreidnw
The desktop client has an "Export Notes" function that will export to HTML or
their custom format. I use this to make a local backup occasionally.

~~~
nvr219
Note that for some reason this option is only available in the Windows client.
I had to boot into Windows on my MacBook to do the export a few weeks ago.

For regular backups I use time machine which includes the user data folder:
[https://support.evernote.com/link/portal/16051/16058/Article...](https://support.evernote.com/link/portal/16051/16058/Article/1281/Backing-up-and-Restoring-Evernote-Data-under-OS-X)

------
thomas-st
"If you encrypt text within a note, we derive a 64-bit RC2 key from your
passphrase and use this to encrypt the text. This is the longest symmetric key
length permitted by US Export restrictions without going through a complex
process to gain export approval."

Is this still true? Weren't US cryptography export restrictions relaxed in
2000? (See e.g. <http://www.rsa.com/rsalabs/node.asp?id=2327>)

~~~
sweis
No, this is not true. I think Evernote has been misinformed.

If all you are doing is encrypting data with a standard algorithm, it takes
less than 30 minutes to fill out the paperwork to get an encryption
registration number (ERN). Total turnaround time when I've done it has been
about two weeks.

There are some exceptions. If you are trying to export cryptanalytic software
or doing something non-standard, you may have delays.

<http://www.bis.doc.gov/encryption/enc_faqs.htm>

------
ChuckMcM
Mark, it would be helpful if you would disclose if you are a paying customer
or not, and if not if having additional security options would convert you
into a paying customer.

The reasoning is pretty simple, people want security but they don't want to
pay for it. And while we can debate the argument as to whether or not security
is part of an MVP or not, I would not be offended if there were additional
security capabilities for paid users but not free users.

~~~
dinkumthinkum
I think your, rather cynical, reasoning falls flat. This would not be a good
policy for a company to adopt. If I was evaluating software and saw such a
policy, it would bring a lot of uneasy feelings, even regarding the supposed
security of the paid version. This sidesteps the bad publicity and general
ill-feelings the community at large would have about your service. I don't
think it is strategically a good choice to make such a compromise on security.
At best, I could see giving separate authentication mechanisms such as two-
factor for paid users, but that's as far as I'd go.

~~~
ChuckMcM
So can you say more about that? Specifically

"If I was evaluating software and saw such a policy, it would bring a lot of
uneasy feelings, even regarding the supposed security of the paid version."

What if it was explicit? What if Evernote said, "Since it would cause us to
lose money if we spent time on both more sophisticated security in the free
product. It's basically secure against random threats but dedicated people will
be able to break into it. If you want a truly secure product you should sign
up for the paid product, part of that fee goes to paying the salaries of the
security team we have on staff who are keeping it that way."

We also need to be clear what we mean by "security" here, there is "security"
as in we make sure if someone breaks in they cannot easily get your password
(they seem to have done that with salted passwords), and there is security as
in "Even our operations staff can't get you access to your files if you lose
your access token." level of security which takes a lot more work.

I'll admit I was pretty put off by Mark's assertion that Evernote doesn't care
about security, his basis for that are three claims, that 2 factor
authentication is late, that SSL isn't forced on, and that 64 bit RC2 is used
in the free product. What is the purpose of the free product anyway? Is it to
prove their security? I don't think it is, I think it is to give you a way to
test drive what their product does without risking any money.

Anyway, someone broke in and got access to hashed and salted passwords and
Evernote reset those. LinkedIn had the same issue, some Facebook apps grabbed
similar data, Google has hosted malware in their App Store which tried to
install banking trojans on your phone.

I am not persuaded by the assertion that "Evernote doesn't care about
security" any more than "Google doesn't care about security" (and I happen to
know they care very deeply and still get compromised now and then).

I defended Evernote because I felt Mark was unfairly maligning them and their
CEO. I would be more sympathetic if he was a paying customer, and less
sympathetic if he only has a free account.

~~~
newman314
Where does it say that RC2 is only used for the free product?

AFAIK it's all the time which is ABadThing (tm)

FWIW, if one has to rely on security being a differentiator in 2013, that's
IMO a bad sign. Compete on other features but not security.

------
DiabloD3
I thought SSL was enabled on Evernote for all customers now? Maybe it's time to
consider not using Evernote.

~~~
Smudge
As stated in the post, "they fixed this some time ago, but..." -- As in, it
used to be a premium feature, and while that has changed, it may still say a
lot about their priorities.

------
nicholassmith
I agree with the article, but holding up two companies (Dropbox/Twitter)
who've had their own security problems was somewhat odd.

------
rietta
I wonder how feasible it would be to add a plugin to the Evernote application
to tie in with GnuPG through gpgme.

------
AdamGibbins
What're the alternatives to Evernote? e.g. decent document tagging, excellent
search and preferably OCR.

~~~
msh
Google drive

~~~
nvr219
Google Drive mobile applications leave a lot to be desired. The main problem
is you can't store all your notes offline -- you have to select each file
individually, set "make offline", and even then they don't auto-update.

~~~
msh
Yes, you are right, but that is also an issue with the nonpremium version of
Evernote.

