Blog

List News Background articles Commentaries Development/Java IT Security Computer Guides & Tips

HissenIT Blog: IT Market and Computers / Background Articles and Knowledge

You can follow this blog through this news feed or our social media channels.
Previous publications can be found in the publication archive.

Understanding CSV Files: What they are and how to use (How-to)

Added at 02/04/2023 by Frank Hissen

Using CSV files is a daily routine for many people who have to accomplish a - fully automatic or semiautomatic - data exchange between different IT systems. CSV files are not the only solution path, but are very common. This concerns for instance online and e-commerce businesses which import the current orders from eBay into their own ERP system (Enterprise Resource Planning) or the accounting when exporting tax data to the tax office. ...

Windows 11 Certificate-based File Encryption (CrococryptFile with Hardware/Software Token)

Added at 09/20/2022 by Frank Hissen

HissenIT's CrococryptFile fully supports Windows 11 including crypto suites. Besides classical end-user password-based encryption of files and folders, also the Windows Keystore using certificate tokens can be used. Hence, existing PKI infrastructure components can be used to encrypt file archives quickly also in business groups. ...

(Briefly) Backups - Do we need that?

Added at 11/03/2021 by Frank Hissen

...

Secure Programming of Web Applications: Authentification

Added at 12/28/2020 by Frank Hissen

We can read about numerous successful attacks on well-known web applications on a weekly basis. Reason enough to study the background of "Web Application Security" of custom-made / self-developed applications - no matter if these are used only internally or with public access. ...

Secure Programming of Web Applications: Session-Hijacking

Added at 12/21/2020 by Frank Hissen

We can read about numerous successful attacks on well-known web applications on a weekly basis. Reason enough to study the background of "Web Application Security" of custom-made / self-developed applications - no matter if these are used only internally or with public access. ...

Secure Programming of Web Applications: Clickjacking

Added at 12/15/2020 by Frank Hissen

We can read about numerous successful attacks on well-known web applications on a weekly basis. Reason enough to study the background of "Web Application Security" of custom-made / self-developed applications - no matter if these are used only internally or with public access. ...

Secure Programming of Web Applications: Remote File Inclusion (RFI) and Local File Inclusion (LFI) resp. Directory/Path Traversal

Added at 12/08/2020 by Frank Hissen

We can read about numerous successful attacks on well-known web applications on a weekly basis. Reason enough to study the background of "Web Application Security" of custom-made / self-developed applications - no matter if these are used only internally or with public access. ...

Secure Programming of Web Applications: Open Redirection

Added at 12/01/2020 by Frank Hissen

We can read about numerous successful attacks on well-known web applications on a weekly basis. Reason enough to study the background of "Web Application Security" of custom-made / self-developed applications - no matter if these are used only internally or with public access. ...

Secure Programming of Web Applications: Cross-Site Scripting (XSS)

Added at 11/27/2020 by Frank Hissen

We can read about numerous successful attacks on well-known web applications on a weekly basis. Reason enough to study the background of "Web Application Security" of custom-made / self-developed applications - no matter if these are used only internally or with public access. ...

Secure Programming of Web Applications: Cross-Site Request Forgery (CSRF)

Added at 11/20/2020 by Frank Hissen

We can read about numerous successful attacks on well-known web applications on a weekly basis. Reason enough to study the background of "Web Application Security" of custom-made / self-developed applications - no matter if these are used only internally or with public access. ...

Secure Programming of Web Applications: SQL Code Injection

Added at 11/14/2020 by Frank Hissen

We can read about numerous successful attacks on well-known web applications on a weekly basis. Reason enough to study the background of "Web Application Security" of custom-made / self-developed applications - no matter if these are used only internally or with public access. ...

Data Security through Cryptography - Interview with Frank Hissen

Added at 06/09/2019 by Frank Hissen

IT Security Expert and Computer Scientist Frank Hissen talking about cryptography and how cryptography helps to protect our data security during our private and professional everyday life. ...

Internet Security: Why cryptography (and encryption) is essential

Added at 06/03/2019 by Frank Hissen

Internet connections are no direct lines. Every intermediary component holds full access to your Internet traffic. That means: read, alter, redirect, discard. Or put another way: manipulate, record, log, render unusable. ...

Attention when choosing an Encryption solution - Weakness in Password manager of Firefox and Thunderbird

Added at 03/21/2018 by Frank Hissen

An "IT security researcher" recently engaged attention on a seemingly older, known weakness in Mozilla's password managers of Firefox and Thunderbird. Core problem is the way of dealing with the master password (keyword: secure password hashing). We recommend for years to pay close attention - when choosing an encryption software - which password hashing procedure is used. Otherwise, you eventually have no real data encryption at all. We try to provide some clear background information. ...

"IT Security for Project Managers" now also as Kindle e-Book

Added at 09/18/2016 by Frank Hissen

Our Whitepaper/Guideline is now also available as e-book for Amazon's Kindle (English/German). ...

IT Security for Project Managers: About implementing security in IT projects properly – A Guideline

Added at 05/23/2016 by Frank Hissen

Despite many accepted IT security standards, many IT projects fail at IT security. What needs to be considered, what mistakes and pitfalls to avoid. ...

Say no to plain passwords: Secure Password Hashing

Added at 11/02/2015 by Frank Hissen

Plaintext passwords should not be used anymore. You are probably using a web shop software framework that takes already care of this. Most application frameworks in the world do not use plain passwords anymore but password hashes instead. ...

Encryption background: What is key wrapping?

Added at 10/07/2015 by Frank Hissen

Key wrapping is a simple technique in cryptography that is used in almost all common encryption technologies. ...

Open-Source and Security: Why Open-Source is not insecure

Added at 10/06/2015 by Frank Hissen

Recently, I received the question if it would not be dangerous, when the source code for an encryption software is publicly available. An answer... ...

Introducing cloaked (headerless) files - CrococryptFile 1.3 released

Added at 07/02/2015 by Frank Hissen

Today, we released CrococryptFile 1.3 as free download. This version includes a new crypto suite: "cloaked" archives. This kind of suite encrypts archives without headers. What this exactly means, we explain in the following. ...

Container vs. File-by-file Encryption OR CrococryptFile vs. CrococryptMirror

Added at 06/15/2015 by Frank Hissen

This article is about the differences of the encryption schemes between a container and a file-by-file encryption solution and the resulting privacy implications. At the end, you will see that it is also a matter of taste and application context. ...


About HissenIT's Blog & News

This blog is written by Frank Hissen (Computer Scientist). The majority of posts is about HissenIT, new software and other topics within the areas of software development and IT security.