Category: IT Glossary

Encryption: Everything should be secret

Encryption transforms 'plain text' into 'ciphertext', which the recipient can only read if they have the right 'key' to decipher it. The process is old; its use began long before the 'digitalization of the world'. Not only texts can be encrypted, but also voice recordings or (moving) images.

A particularly simple form of 'coding' is, for example, Morse code. Anyone who cannot convert the acoustic characters back into meaningful letter sequences with the help of a learned key will only hear a 'beep-beep-beep-beep'.

In the digital world, encryption is now largely automated. Anyone writing an email no longer notices that their message has been 'encrypted' before it is sent. Decryption then requires the appropriate key, which converts a ciphertext back into plain text. Most hacking attempts therefore focus on the theft of 'keys' (e.g. passwords). The carelessness of some users here is truly breathtaking: sequences such as '1234', 'I' or 'password' are still used thousands of times over.

'De-ciphering' or 'deciphering' must be distinguished from 'key theft' or 'decryption'. This is where 'cryptanalysts' come into play, who draw conclusions about the method used from regularities in the character sequences. Historically, the 'cracking' of the German Enigma machine with the help of the Turing Bombe is the most famous example.

Cabling - when the mop meets the digital

An equally underestimated and great danger for any computer technology is the cleaning lady. Cables run from almost all tabletop computers to the connection sockets in the wall. The cleaner, however, only has cleanliness in mind. Every cable that runs freely across the floor is then subjected to the full force of the mop, the sweeper's momentum or the unbridled power of the vacuum cleaner.
The result is that the cable is deformed again and again, and at some point the data cable breaks inside, especially when it comes to highly sensitive fiber optic cables. Nobody would believe how often network experts have been called out to deal with data traffic problems, only to find that the cause was a broken cable. It is therefore essential to 'clean-proof' data cables if these problems are to be avoided.

UAC - Question for the administrator

In earlier versions of Windows, the user of this system software was also the captain of their ship, even if they were not the brightest in terms of computer technology. Users had full administrator access to their system at all times, which made it extremely vulnerable to viruses and Trojans.
Since the introduction of Windows Vista, 'User Account Control' (UAC) has been in place. When a user works on a Windows computer, they initially only use simple user rights. Whenever a program requires a higher level of authorization, a window pops up explicitly requesting the user's consent as an administrator. The UAC therefore switches between the hierarchy levels and warns the user that there may be a risk here.

Trojan horse: act with foresight

The 'Trojan horse' or 'Trojan' for short has long since replaced the virus as a threat to IT systems. Today, 55% of malware consists of Trojan horses and only ten percent of viruses.

As a rule, Trojans do not aim to destroy computers; they want to 'spy' on them or 'use' them to carry out other functions. The programs are called 'Trojans' because they disguise themselves as useful 'workhorses', but then install additional malicious programs unnoticed. These are often 'sniffers', which spy on the content of systems, or 'keyloggers', which register keyboard entries (e.g. passwords).

Trojans are usually structured as a combined program. The useful part of the program also introduces the malware via a 'linker' or 'binder'. Any program can be abused in this way. Once introduced, the host program is no longer required. The introduced malware usually starts automatically as soon as the computer starts up. Recently, plug-ins for the browser or apps that run on mobile devices have also become particularly susceptible to the 'smuggling' of malware.

In principle, Trojans can use any route that loads data onto the computer: data carriers, network connections, e-mails, etc. The executability of a file is often deliberately disguised so that the user believes, for example, that they are opening a harmless image file named 'Dingsbums.jpg', because the executable extension does not appear in the display on the monitor. In fact, however, the file bore the name 'Dingsbums.jpg.exe'.
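A check for the disguised file names described above, as an added example that is not part of the original glossary. The extension lists and the sample names are assumptions constructed for illustration and are not exhaustive.

```python
import os

# Extensions Windows runs directly (assumed subset for this example).
EXECUTABLE = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs", ".js"}
# Harmless-looking extensions that serve as the visible part of the name.
DECOY = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx", ".txt", ".mp3", ".mp4"}

# Constructed sample attachment names.
SAMPLES = [
    "Dingsbums.jpg.exe",
    "Dingsbums.jpg",
    "setup.exe",
    "C:\\Users\\a\\Downloads\\Report.PDF.scr",
    "archive.tar.gz",
]


def disguised_executable(filename):
    """Return (shown, real) extensions if the name hides an executable, else None."""
    # Normalise as Windows does: path separators, case, trailing dots and spaces.
    name = os.path.basename(filename.replace("\\", "/")).rstrip(". ").lower()
    stem, real = os.path.splitext(name)
    if real not in EXECUTABLE:
        return None  # the last extension is what the system acts on
    _, shown = os.path.splitext(stem.rstrip(". "))
    return (shown, real) if shown in DECOY else None


def scan(filenames):
    """Map each suspicious name to its (shown, real) extension pair."""
    return {f: hit for f in filenames if (hit := disguised_executable(f))}


if __name__ == "__main__":
    for name, (shown, real) in scan(SAMPLES).items():
        print(f"{name}: looks like {shown}, is actually {real}")
```

A plain 'setup.exe' is not flagged, because it does not pretend to be anything else; only names whose last extension is executable while the one before it looks harmless are reported.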

Other Trojans exploit the vulnerabilities of existing programs, the 'exploits'. Nowadays, everyone is familiar with the requests to quickly update sensitive programs in order to close the security gap.

The only protection against Trojans is to refrain from using programs from unknown or unsafe sources, especially from the 'grey area' of the Internet - this also applies to seemingly harmless photo, video or sound files. The usual virus scanners, on the other hand, are only of limited help against Trojans. They can often successfully eliminate unopened Trojans, but once a Trojan is installed their capabilities are usually limited. In such cases, the only thing that helps is restoring the data medium from the last clean backup.

TLS: The new security standard

Transport Layer Security (TLS) has replaced the Secure Sockets Layer (SSL), while retaining many of its functions. TLS is an attempt to create a high-security wing for transmitted data on the internet. Five protocols are intended to guarantee security and data integrity on the Internet. In the case of TLS, too, improved versions follow each other in close succession.

TLS includes end-to-end encryption, a message authenticity check, a 'handshake' that enables mutual identification and much more. Despite all the 'locks' in front of this system, even TLS is not absolutely secure - like almost nothing on the internet. 'Man-in-the-middle attacks' have been recorded, as well as chosen-plaintext or compression attacks. There are also political restrictions: due to American export bans on cryptography, often only short 'keys' may be used, which then make it easier for attackers to carry out their work.

In a word: nothing on the Internet is 'absolutely secure', except the certainty that this is so. However, we offer our customers the current maximum level of security at all times.

Thin client: prefer lean

Not every workstation needs a fully equipped PC with all the technical refinements. A 'thin client' is a desktop computer that has no moving parts at all, i.e. no hard disk, DVD drive etc. Instead, it uses resources from the connected data center, which saves a considerable amount of energy.

All data processing is now handled by the server via the Remote Desktop Protocol (RDP): the results of all queries and calculation steps appear on the user's monitor without delay.

We recommend the use of thin clients wherever server structures are in place. Such a network not only makes a significant contribution to more green IT, but also saves a lot of money in terms of hardware. From a business point of view, too, there is no rational reason to do without thin clients any longer.

Because slenderness is not just a visual gain.

SSL: Good, but not good enough ...

The Secure Sockets Layer (SSL) has long been the encryption protocol for secure data transmission on the internet. However, the cryptological lead is only ever razor-thin and hackers are always hot on the heels of security experts. Which is why the old SSL protocol has now been replaced by Transport Layer Security (TLS).

However, the principle remains the same: if a client establishes a connection to the server, the server must identify itself with a certificate. This certifies to the 'knocking' client that it is accessing a trustworthy page. For confirmation, the client queries the server with a random number or similar, whereupon the server can only solve the task if it can offer a suitable resolution in accordance with the agreement. We are therefore dealing with a form of 'key exchange'.

The customer can recognize secure Internet pages by their browser-dependent verification symbol on the far left in the address bar.

SPF: No 'grandchild trick' in e-mail correspondence

The Sender Policy Framework (SPF) was created to combat unauthorized tampering with IP addresses on mail servers. Essentially, the administrator of a domain stores the IP addresses of all authorized senders ('Mail Transfer Agents' - MTA) for the mail recipient to view. The receiving system retrieves this SPF information for the specified domain via the Domain Name System (DNS). It compares the IP address of the sending MTA with the permitted addresses. If the IP address matches the verified MTAs, the sender is considered authentic. Otherwise, the email is discarded or at least a warning is issued. Participation in the SPF system and making SPF records visible is voluntary.

Although SPF can also help against junk mail and phishing, the Sender Policy Framework is not a spam prevention program. It merely serves to detect forged sender addresses 'on the envelope' of an email.
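The comparison the receiving system performs, as an added example that is not part of the original glossary. The DNS answers are a constructed in-memory table using documentation address ranges, and only the ip4, ip6, include and all mechanisms are evaluated; a, mx, exists and ptr would need live DNS lookups and are reported as an error here.

```python
import ipaddress

# Constructed TXT records standing in for DNS lookups (assumed sample data).
SAMPLE_DNS = {
    "example.org": "v=spf1 ip4:192.0.2.0/24 include:mail.example.net -all",
    "mail.example.net": "v=spf1 ip6:2001:db8:25::/48 ip4:198.51.100.7 ~all",
}

# Qualifier in front of a mechanism -> result when that mechanism matches.
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(sender_ip, domain, dns=SAMPLE_DNS, depth=0):
    """Return the SPF result for the sending MTA's IP under the domain's record."""
    terms = dns.get(domain, "").split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"           # the domain publishes no SPF record
    if depth > 10:
        return "permerror"      # guard against include loops
    ip = ipaddress.ip_address(sender_ip)
    for term in terms[1:]:
        if "=" in term:
            continue            # modifiers (redirect=, exp=) are not evaluated here
        qualifier = term[0] if term[0] in RESULTS else "+"
        name, _, arg = term.lstrip("+-~?").partition(":")
        name = name.lower()
        if name == "all":
            return RESULTS[qualifier]
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            if ip.version == net.version and ip in net:
                return RESULTS[qualifier]
        elif name == "include":
            # An include matches only if the included record yields "pass".
            if check_spf(sender_ip, arg, dns, depth + 1) == "pass":
                return RESULTS[qualifier]
        else:
            return "permerror"  # mechanism not modelled in this example
    return "neutral"            # nothing matched and the record has no 'all'
```

A receiver would typically discard mail on "fail" and only flag it on "softfail", which corresponds to the "discarded or at least a warning" outcome described above.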

Spam filter: Dispose of advertising waste

Almost everyone has experienced Internet offers for Viagra, unheard-of chances of winning, almost free health insurance or even penis extensions, most of which arrive uninvited in the mailbox. A spam filter is a program or module that filters such unwanted and annoying advertising from the data stream. There are various methods of considerably thinning out such 'spam'.

The blacklist method scans, for example, the sending servers, the email addresses or the subject lines for unwanted terms and builds up such a defense regime by itself. The Bayesian filter first requires the cooperation of the user, who sorts the first 1,000 or so emails themselves into 'wanted' or 'garbage'. After that, the filter achieves a hit rate of almost 95 percent. Newer methods target linked URLs (Internet addresses) in the spam mails, and thus the 'traders' of this model, in order to operate consistent waste disposal in virtual space.

Spam: Suppress unwanted content

During the war in England, 'spam' was the kind of food you could reliably get in any store: a nutrient chopped up from meat scraps with no taste value. This ubiquity and worthlessness is also what the term 'spam' refers to, as it is commonly used today for unsolicited mail in e-mail correspondence. It is the kind of 'waste' in the age of electronic mail that no one escapes completely - from supposedly ownerless million-dollar accounts in Nigeria to miraculous penis extensions.

A distinction must be made between 'spam' and 'malware': the latter is mail that carries spyware in its attachment, which can harm the computer or its owner when opened. With its comprehensive IT service, b.r.m. manages to dispose of the lion's share of annoying or dangerous mail in advance.