Skip to content

Tag: hacks

Leaving Evernote

Leaving EvernoteYesterday I got the email that millions of other people got in regards to Evernote resetting my password due to someone hacking into their user data system.

The investigation has shown… that the individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts, and encrypted passwords. Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption. (In technical terms, they are hashed and salted.)

After following the very geeky discussion about it in /r/netsec I was left wondering if I was placing too much faith in Evernote to protect all the brain dumps, notes, files, and private information I like to store in it.

Cloudy with a chance of security breach

After stumbling across this blog post entitled “Evernote doesn’t really care about security” I became convinced that it was time to leave Evernote. The security breach was actually the last straw in a number of things that have been bugging me more often than not — frequent crashes being the chief one.

Sometime around when Evernote added Skitch, the whole shebang started crashing on me frequently. I’m a premium Evernote user, and dealing with the app crashing multiple times a day quickly became aggravating. It has been almost unusable at times. That does not bode well for something you need to access frequently throughout a given day.

Then there were the issues where my notes were not synching between my laptop and my desktop, which I don’t really need to go into. You’ve probably had them too, if you are an Evernote user on more than one computer.

Lastly, I mentioned I was a paid Evernote user, but I never found myself using the paid features. The other big issue for me was with tagging – I would add tags to notes but then forget about them and never use them to find things. The inability to organize notes hierarchically is very necessary to me as someone who thinks that way due to my years as a sysad and developer, and I couldn’t get used to everything having to be arranged with tags.

Faith In The Cloud?

So my question yesterday became: “Where do I put all this info I have in Evernote that is more secure and can be synched and access between my phone, laptop, and desktop?”

Security experts mostly agree that putting secure information in the cloud is not a very good idea. But I want to have faith that it can be, and there are companies making an effort in that regard. I turned to a solution that was right under my nose: Google Drive.

Why Google Drive over Dropbox or some other service? Because it integrates easily with everything I already use, and more and more features and interactions with it are becoming available. I, for one, welcome our new Google overlords.

I’m still working on moving everything over from Evernote to Google Drive, and it’s not a simple process, but I think I will be able to live with it. I’ll also be able to rest a little better knowing that, while my data is still in the cloud, Google seems to value it more than Evernote.

Other fed up users are coming up with their own solutions for replacing their faith in Evernote.

What will be yours?

Hacking Experts Exchange

Over the years, Experts Exchange has become quite the repository of tech advice, where people go to ask questions, then the experts compete to give the best answer and win the asker’s vote.  It’s a pretty slick system, I suppose, if you are an ‘expert’, and your goal in life is seeing your username at the top of a list on their site, or if you have a question and have been unable to find an answer to it on any of the completely free message boards across the internet.

Whatever your reason for paying the fee to join their site, you have probably run across one of their pages if you have been searching for answers to a technical problem online.  Their search engine placement has been historically good for a wide variety of key words and phrases.

A Bit of History

You have also probably run across Expert Exchange’s efforts to protect their paid content from the casual observer. If you are like me, you have seen them at the top of a search results page, cussed them out in your head, then moved on to the next result.  That is because you know they often seem to have people asking the exact same thing you are in search of, and they seem to have people who have provided answers/solutions, but when you go there you are asked to pay to see the answers.  But being the freebie seeking geek you are, you haven’t ever signed up for their site.

I remember that it used to be they would obfuscate their experts’ answers to a question with Javascript.  That worked for a few minutes, until Firefox gained popularity and it became really easy to turn off Javascript.

For a long time, I thought that they had ended up removing their experts’ answers altogether.  However, I learned that Experts Exchange is using a simple visual cue to make you think this so that you won’t find the coveted content for which they take great lengths to protect (and charge you $12.95 a month for access to).

The Hack

The secret is, if you just keep scrolling down the page, you will see all the answers to the question at the top of the page!  What they do to make you think there is nothing there is show several empty bars of “Expert Comment” and “Accepted Solution”, followed by a “Sign up to view this solution” section, making you think the content is hidden.  Below that, you will see a ton of “footer links”, making you think you are at the bottom of the page. However, keep going, and you will find the hidden pot o’ gold.

Why would they do this?  Because they need Google to be able to crawl their content so they can maintain the excellent search engine placement they usually have.  If they only showed the question, and not the answers, they would have much less worthy text to index, so it really behooves them to have that text shown somewhere in plain view. Obfuscating it with Javascript or CSS will only end up hurting them because Google looks at those things as ‘trickery’ due to the fact that they can be used for keyword stuffing.

This isn’t to say I don’t advocate paying for their service.  I actually had the company I used to work for pay the fee a few years ago, but didn’t find myself using it that much, so I didn’t ask them to renew it.

In summary, scroll scroll scroll your way to the bottom of the page when you find an Experts Exchange result while troubleshooting on the Internet.

Clicky