The hyperbolic intro didn't really help:

> If anyone in Silicon Valley knows the value of secure access and keeping information safe, it’s him.

I can think of, I don't know, 30 people at the top of my head that I would rather be listening to. If you caught me in a drunken stupor I could probably still give you 10-15 of them.

That said, there's nothing really wrong with the article, but it's also pretty basic. Putting stuff behind VPN and installing antivirus can help you, but it's not anywhere near enough if you're actually exposed.

Well, read the article. There's a whole bit in there about just doing the basic bit of security you need to do in the early days.

I mean, enforcing HTTPS is easy and elementary, but maybe they didn't have time? Or something.

HTTPS was only available for paying subscribers.

If you search HN, there has been previous discussion about Evernote's lack of security across many areas.

Other than that, I don't care either way about the company.

This isn't really security advice. It's advice on how much you should focus on security (instead of focusing on other things) if you want to build a successful company.