'Your Notes also may be viewed where necessary ... to comply with our legal obligations, such as responding to warrants, court orders or other legal process.'
Also, Evernote doesn't have overwrite protection - you could lose your text.
A: Passwords are never sent to our servers. We only store encrypted text - which is useless data once password is lost. Also, we don't know who this text belongs to.
A: You don't have to, but it's recommended. The longer the password, the harder it's to guess it. Note that your text is protected by both URL and your password - if no one knows your URL, any password is good enough (if you use HTTPS nobody can see your URL).
A: Yes. Your password (or password hashes) are never sent over the network, and all data that's sent or received is always encrypted. Your data is decrypted only on your device, and encrypted before it's returned to us. For highest security use long password or HTTPS.
A: Overwrite protection prevents you from saving any changes if text was changed in the meantime. (Server stores the hash of newest content, and sends the hash to the client together with the content. Client has to return that hash when trying to save content. Server can compare stored and received hash to determinate if client was served with the latest changes.)
A: Some characters aren't allowed in URL addresses, that's why your URL is redirected to URL that has some characters replaced with dashes. You can still always type in "Mark's notes" and you'll be redirected to the same URL.
A: This site looks great on smartphones! We're planning to release mobile apps as well; however, the apps would be less trusting because users can't check the code themselves (we don't want to force anyone to have to trust someone in order to be secured).
A: No. Site was tested and works fine with over 250 000 chars.