The RC2 thing from the disclosure is really, really weird. It makes Evernote the only app built in the last 10 years that I am aware of to build on RC2. I wonder whether it's a mistake, and they're actually using RC4 with truncated keys or something.
"For Evernote's consumer product, the current encryption algorithms are chosen more for exportability under the Commerce Department rather than strength, since our software permits the encryption of arbitrary user data with no escrow."
I guess Evernote's been around for a while, but wasn't it way back in 2010 that the BIS allowed simple self service registration and annual self classification of almost all "mass market" use of crypto?
International regulations are pretty insane. For example, France requires you to submit your software to them for review that's supposed to take up to 2 weeks. This isn't just for product releases, it includes everything, including patches.
Apple, MS and Google can get away with it because they have large legal teams that help them with all the various rules and regulations. For smaller companies, it's simply too massive to bother taking more than an off-the-shelf solution.
I know the CEO is a security guy and worked with Defense Department stuff. I think it's one of those things where you feel so comfortable with something that you make choices others don't because, come on, you're a startup.
> Give it a shot. Send someone a link to the non-SSL sign in and it won’t flip them over to SSL. It will also accept your credentials via non-SSL POST. So fire up SSLStrip and head down to your local coffee shop.
If you are in a position to execute a MITM, it doesn't matter whether they flip people to HTTPS or not. If the site forced HTTPS you could still rewrite the redirect and proxy the HTTPS to HTTP (the secure connection being between your proxy server and Evernote's). Only strict transport security would solve this, if the browser supports it and the user has accessed evernote before.
Yeah, this is an entirely valid criticism. It was more of a nitpicky point that they weren't flipping to HTTPS automatically, but from a practical standpoint it's no more secure if they did since they lack HSTS.
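The HSTS point in the two comments above can be turned into a concrete check. The following is an added example, not code from the thread or from Evernote: it classifies a sign-in endpoint from what its plaintext URL answers and whether the HTTPS page sets a valid Strict-Transport-Security policy. The responses it runs over are constructed; the host name example.test and the labels returned are assumptions made for the example.

```python
"""Check whether a sign-in endpoint is protected against an HTTP-to-HTTPS
downgrade, judging from (a) what the plaintext URL answers and (b) whether the
HTTPS page sets a valid Strict-Transport-Security policy.  Added example;
all responses below are constructed, not captured from any real site."""
import re
from typing import Optional

YEAR = 31536000  # seconds; minimum max-age accepted by the browser preload list


def parse_hsts(value: Optional[str]) -> Optional[dict]:
    """Parse a Strict-Transport-Security header value (RFC 6797).

    Returns None when the header is absent or invalid: a policy with no
    max-age, or a non-numeric one, is ignored by browsers entirely.
    """
    if value is None:
        return None
    policy = {"max_age": None, "include_subdomains": False, "preload": False}
    for directive in value.split(";"):
        name, _, raw = directive.strip().partition("=")
        name = name.strip().lower()
        raw = raw.strip().strip('"')
        if name == "max-age":
            if not re.fullmatch(r"\d+", raw):
                return None
            policy["max_age"] = int(raw)
        elif name == "includesubdomains":
            policy["include_subdomains"] = True
        elif name == "preload":
            policy["preload"] = True
    return policy if policy["max_age"] is not None else None


def classify(http_status: int, http_location: Optional[str],
             https_headers: dict) -> str:
    """Label the downgrade exposure of a login endpoint.

    http_status / http_location: what http://host/login answered.
    https_headers: response headers of https://host/login.  A browser only
    honours Strict-Transport-Security received over TLS, so the header is
    read from the HTTPS response, never from the plaintext one.
    """
    redirects = (http_status in (301, 302, 307, 308)
                 and (http_location or "").lower().startswith("https://"))
    if not redirects:
        return "plaintext-login"          # credentials can be posted over HTTP
    lower = {k.lower(): v for k, v in https_headers.items()}
    hsts = parse_hsts(lower.get("strict-transport-security"))
    if hsts is None or hsts["max_age"] == 0:
        return "redirect-only"            # every fresh visit still starts over HTTP
    if hsts["preload"] and hsts["include_subdomains"] and hsts["max_age"] >= YEAR:
        return "hsts-preload-eligible"    # a preloaded browser never sends the HTTP request
    return "hsts-on-return-visit"         # protected only after one clean HTTPS visit


# Constructed responses for the situations discussed in the thread (example data).
SAMPLES = {
    "accepts_http_login": (200, None, {}),
    "redirect_no_hsts": (301, "https://example.test/login", {}),
    "redirect_with_hsts": (301, "https://example.test/login",
                           {"Strict-Transport-Security": "max-age=15768000"}),
    "redirect_preload": (301, "https://example.test/login",
                         {"Strict-Transport-Security":
                          "max-age=63072000; includeSubDomains; preload"}),
}

if __name__ == "__main__":
    for name, (status, location, headers) in SAMPLES.items():
        print(f"{name:20s} -> {classify(status, location, headers)}")
```

The "redirect-only" label is the case the comments describe: a redirect helps a well-behaved client but does nothing against an on-path rewrite, because the very first request is still plaintext. Only a stored policy (after one clean HTTPS visit, within max-age) or a preloaded entry removes that first plaintext request.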
While I love Evernote as much as anyone on hacker news, Mark does make very good points about the state of security within the application. It seems that with respect to today's security breach that the company has done quite well with their response. One can only hope that this focuses their development on addressing these topics (i.e. encryption of notes is a joke) as much as it has raised concerns about the security features they offer.
The point that the folks over at Evernote are really missing is that Joe Average is using the very same credentials everywhere else, from their Gmail to the Amazon accounts. If Evernote were sensible about security of their users, they would have explained why it is indeed a bad and common practice to use the same password everywhere, as it is a certain way to get your online identity hijacked sooner rather than later by means of a break-in like this one. It is good to know that passwords have been stored salted, but nevertheless, eventually these credentials are now compromised and if Evernote were sensible about this they would have told their users to reset their password wherever they use the same one, which is probably lousy marketing compared to "hey, we got your password stolen, but don't worry, it was encrypted".
One would think there'd be proper competition because one of the major motivators is going paperless... it's kind of odd that in 2013 there still aren't a lot of easy to use solutions that can store sensitive documents (bills, tax documents etc) that require a great level of privacy and security.
I do too, but it doesn't fit the use case of going paperless. Ability to drop in PDFs and OCR images in Evernote as well as handling large data sets are essential features.
Only half the points are valid. SSL is a selling point, because it takes a lot of work to setup completely. Lots of websites (including high-profile ones like Outlook.com) have mixed content errors at one place or another, or appear to but don't fully support SSL. The fact that they "used to" use it as a selling point says enough too.
SSL signin should not be enforced. HTTP should give a big warning, but SSL is not fully supported in all clients.
No. I consider properly setting up SSL to be a duty of care for the website owner. Your argument could apply to storing passwords in plaintext because "hashing is hard," or doctors refusing to wash their hands between patients because "it takes too much time" -- it's just not a corner that professionals should cut anymore.
Is it also easy with hundreds or thousands of servers around the world? Perhaps it's not particularly hard, but it's also not something that's thought through and implemented overnight.
If you trust your data center security it should be easy to deploy a single certificate to all production webservers. Much easier than doing the actual site configuration.
There are a lot of hard things to do when scaling, SSL isn't in the hard class.
Windows XP with any Internet Explorer (even 8) and Safari don't support SNI. You need to use more expensive certificates or get a unique IPv4 address in order to support https there.
Is there a way to download your Evernote data? Not to say that I find this an opportunity to bash Evernote, but I am terribly disappointed that a service that advertised you to keep really personal stuff, even your tax info on their servers just got hacked.
I think I'm going back to creating .txt files on my desktop which no one else has access to (physically and programmatically), which despite having no encryption whatsoever is still more secure than having them on a third party server that could get hacked like this, because they advertise one thing and do exactly the opposite.
Note that for some reason this option is only available in the Windows client. I had to boot into Windows on my macbook to do the export a few weeks ago.
"If you encrypt text within a note, we derive a 64-bit RC2 key from your passphrase and use this to encrypt the text. This is the longest symmetric key length permitted by US Export restrictions without going through a complex process to gain export approval."
No, this is not true. I think Evernote has been misinformed.
If all you are doing is encrypting data with a standard algorithm, it takes less than 30 minutes to fill out the paperwork to get an encryption registration number (ERN). Total turnaround time when I've done it has been about two weeks.
There are some exceptions. If you are trying to export cryptanalytic software or doing something non-standard, you may have delays.
Mark, it would be helpful if you would disclose if you are a paying customer or not, and if not if having additional security options would convert you into a paying customer.
The reasoning is pretty simple, people want security but they don't want to pay for it. And while we can debate the argument as to whether or not security is part of a MVP or not, I would not be offended if there were additional security capabilities to paid users but not free users.
I think this could work for some things but definitely not others. You're riding a razor-thin line between security (essential) and convenience/peace-of-mind (not terribly essential), with potential ethical implications.
"Authenticate with your voice using our voice recognizer app," for example, could be pretty superfluous, since it's about convenience.
"Keep your password safe by not storing it in plaintext" should definitely be part of the core offering, no matter the price point.
"Use our app through a custom VPN" could be offered for pay, since offering that service costs the provider something.
"Use our app through SSL -- paying customers only!" should again be a core product, especially since it does not cost anything extra.
"Pay us 5¢ and we won't share your internal data with advertisers" etc etc -- you can certainly see where this is going
I think your, rather cynical, reasoning falls flat. This would not be a good policy for a company to adopt. If I was evaluating software and saw such a policy, it would bring a lot of uneasy feelings, even regarding the supposed security of the paid version. This sidesteps the bad publicity and general ill-feelings the community at large would have about your service. I don't think it is strategically a good choice to make such a compromise on security. At best, I could see giving separate authentication mechanisms such as two-factor for paid users, but that's as far as I'd go.
"If I was evaluating software and saw such a policy, it would bring a lot of uneasy feelings, even regarding the supposed security of the paid version."
What if it was explicit? What if Evernote said, "Since it would cause us to lose money if we spent time on both more sophisticated security in the free product. It's basically secure against random threats but dedicated people will be able to break into it. If you want a truly secure product you should sign up for the paid product, part of that fee goes to paying the salaries of the security team we have on staff who are keeping it that way."
We also need to be clear what we mean by "security" here, there is "security" as in we make sure if someone breaks in they cannot easily get your password (they seem to have done that with salted passwords), and there is security as in "Even our operations staff can't get you access to your files if you lose your access token." level of security which takes a lot more work.
I'll admit I was pretty put off by Mark's assertion that Evernote doesn't care about security, his basis for that are three claims, that 2 factor authentication is late, that SSL isn't forced on, and that 64 bit RC2 is used in the free product. What is the purpose of the free product anyway? Is it to prove their security? I don't think it is, I think it is to give you a way to test drive what their product does without risking any money.
Anyway, someone broke in and got access to hashed and salted passwords and Evernote reset those. LinkedIn had the same issue, some Facebook apps grabbed similar data, Google has hosted malware in their App Store which tried to install banking trojans on your phone.
I am not persuaded by the assertion that "Evernote doesn't care about security" any more than "Google doesn't care about security" (and I happen to know they care very deeply and still get compromised now and then).
I defended Evernote because I felt Mark was unfairly maligning them and their CEO. I would be more sympathetic if he was a paying customer, and less sympathetic if he only has a free account.
Fuck your logic; Facebook is free, then why the hell do you expect it to be secure? Because any service whether free or not, that has YOUR personal information is supposed to keep it secure. And your (possibly dumbfuck) argument that paying customers should get more security than free users is like saying it's ok to kill people who have no insurance for themselves, but not ok to kill the ones who have taken insurance.
As stated in the post, "they fixed this some time ago, but..." -- As in, it used to be a premium feature, and while that has changed, it may still say a lot about their priorities.
I'm pretty happy with org-mode, albeit minus the "OCR" bit. (Most of my org-mode docs tend to be written in org and stay there, there's less of this "pulling documents from outside into it" business than evernote)
Google Drive mobile applications leave a lot to be desired. The main problem is you can't store all your notes offline -- you have to select each file individually, set "make offline", and even then they don't auto-update.
Google Drive/Docs has surprisingly poor search capabilities compared to the native Evernote client. Almost everything about Docs is sluggish and clunky compared to Evernote's lightweight simplicity.