Offensive Thinking

Organizing your papers with Mendeley

Posted: 2009-12-17

Some days ago, someone (I can’t remember who, sorry) tweeted about Mendeley. It is a software to “Organize, share and discover research papers”. Okay, the next sentence on the website is “Like iTunes for research papers”, which almost made me stop looking at it…

It’s a GUI application and you can download it for free from their site. It is, however, closed source. But hey, can’t have everything. So don’t come complaining to me if it sends your private pictures to Flickr or whatever, I never said I’ve reviewed the code ;). Please be also aware of their EULA and their privacy policy, they’re well worth reading carefully and thinking about the implications before you start using this software. Consider yourself warned. I’ll give some final thoughts on this at the end of this post.

Mendeley works surprisingly well. There’s this huge directory on my laptop with all the security whitepapers I downloaded over time and never come around reading (sounds familiar? Yeah, I bet). BlackHat, Defcon, papers announced on Bugtraq, Full Disclosure or recently more and more over Twitter, you name it. And lets be honest: Either you read them immediately or you forget about them.

One problem is that after dumping them in my “Security Papers” directory, when I have a second look at it later, I already forgot what the papers in there are about. And if they do not have at least a filename telling me what the paper might be about, I don’t bother to open them all in my PDF reader again.

Mendeley did a very good job on organizing this directory and extracting meaningful meta information from that pile of whitepapers and slides. It wasn’t perfect and I had to correct a lot of stuff, but the initial guessing it did was better than I hoped for. Now I have all my papers neatly organized in the Mendeley database, with full text search, the ability to find papers by author or subject, information about papers referenced, BibTeX export, the possibility to annotate the PDFs and much more. It’s a really nice way to organize your stuff. Ok, I still have to read the papers myself. But at least now I can just mark them as read or unread and find them again in the pile of papers I hoard on my disk. Mendeley even allows you to conveniently rename the papers.

Their ultimate goal seems to be to start a kind of social network for researchers, you can synchronize all your stuff with their website and you are of course encouraged to do this. But it’s also possible to just use their client offline. Be always aware that they will collect data about the papers you organize with their software. I don’t think they send any stuff to their website if you don’t have an account and without you explicitly agreeing to it, but you never know. All the papers I have collected are freely available on the Internet and I have no problem with people knowing about me reading these papers, so I consider the potential public knowledge about what security papers I read not an issue. YMMV. Also, I’d be careful with my own papers that aren’t published yet, for example. I wouldn’t add these to Mendeley simply because I don’t know where that data might end. Their privacy policy openly addresses these issues and sounds reasonable, but: it’s the Internet, and what is uploaded to the Internet stays on the Internet. Always have that in mind.