Christian Jens

A nerd's diary

Category: IT Security

It’s not only fun and cool but the more we open ourselves to the outside world, the more we become an easily exploitable target for others. You think, you don’t have anything to hide or nobody would want to “hack” you? Well, you might wanna think again.

How does HTTPS work, a closer look

Many of us put a lot of trust in websites. We do our banking online, buy things in online shops, sign in to web sites and give out personal information. But why do we trust these websites? Probably because we trust the company behind it. Using Amazon is very convenient but to use that service we need to enter a payment method, our credit card for example and an address for shipping. We trust that Amazon will treat that sensitive data consciously. And that’s fair enough, Amazon has a good reason to keep your data safe. But how can we be sure that our data arrives safely? When we send that data to Amazon, we probably don’t want anybody else to read that information on the fly. Well, that’s where the browsers green padlock comes into play. That padlock indicates an HTTPS connection, a secure connection. But how does HTTPS work? Let’s take a closer look

Continue reading

Secure cookies for the web

So the other day my father and I had one of our infamous tech discussion, one of the kind were the people around us would start a side talk as the two of us would got lost in our topics. One of the subjects we came across, was cookies and he told me he disables them and then selectively enables cookies for a few pages. He also told me, why he does so and it came down to two reasons. First, he is concerned about his privacy – and that is good, we all should be more concerned about that! The second reason is security and the lack of secure cookies. Cookies are not evil in themselves, they are, however, often implemented poorly and therefore I can understand both concerns. So, let’s see how to tackle cookies in the web.

Continue reading

Just use a Password Manager already, it’s like insurance

I know, using a Password Manager is a somehow geeky thing to do. The setup takes time and you probably have better things to do. But in today’s world you have to think of it as an insurance. You probably think nobody wants your data and why should you be a target anyways, you’re just an average person on the web, correct? Well, we’ll get to that, but first let me ask you something: Did you spend time to get some kind of insurance? Maybe a fire insurance for your house or an extended health insurance that covers your teeth? You didn’t do that because you want your house to burn down or your teeth to fall out, you did it to be prepared if the worst case happened. You could ask the same questions: Why would somebody light a fire to burn your home down? Why would you not pay attention to burning candles, yet everyone understands that these things could happen. There’s a slight chance that it might hit you, so you get insurance.

Continue reading