Articles

Why you must not store passwords with SHA-256 alone, and how bcrypt, Argon2, and scrypt compare across CPU cost, memory hardness, parallel-attack resistance, and library maturity.

Compare three data exchange formats for spreadsheet exports, API responses, and ETL pipelines by structural expressiveness, parsing ease, and tool support. Covers CSV escape hell and JSON size bloat.

Compare four formats for short looping clips (social posts, doc walkthroughs, bug repros) by file size, colour palette, transparency, and autoplay behaviour. Why GIF has become wildly oversized today.

Compare iOS High Efficiency (HEIC) and Most Compatible (JPEG) settings by file size, image quality, and cross-device openability. When you should convert before sharing and what you lose.

Compare hex, Base64, and Base58 for hashes, tokens, IDs, and wallet addresses by size efficiency, URL safety, readability, and use case. Why Base58 became the standard for cryptocurrency addresses.

Shrink a PDF without uploading it anywhere. Walks through how image re-encoding and stripped objects reduce file size in the browser, with notes on quality trade-offs.

Convert HEIC photos from iPhone to JPG or PNG entirely in the browser. Why HEIC opens nowhere outside Apple, and how libheif-js decodes it locally.

Turn an MP4 or WebM into a looping GIF. Explains how frame rate, resolution, and palette size trade against file size, all converted locally with ffmpeg.wasm.

Paste a JWT and read its header and payload. Walks through the Base64URL structure, what exp and iat mean, and why decoding alone does not verify the signature.

Recover the original Japanese behind mojibake such as 繧ｴ繝�, ã®ã, or ???. Walks through how Shift_JIS / EUC-JP / UTF-8 / ISO-2022-JP encoding mismatches are inverted by brute force, all inside the browser.

Pull the audio track out of an MP4 or MOV and save it as MP3 / WAV. Uses ffmpeg.wasm in the browser so the source video never leaves the device.

Combine several PDFs into one, or cut a single PDF into page ranges. Covers how pdf-lib preserves pages losslessly while running entirely in your tab.

Remove camera, timestamp, and GPS metadata before sharing photos. Explains how EXIF lives inside JPEG / PNG and how to wipe it in the browser with no upload.

Cut out the background of product photos and portraits to a transparent PNG. Runs the RMBG segmentation model locally via WebAssembly so the image never leaves your tab.

Reduce hiss, fan noise, and rumble from meeting and interview recordings. Compares spectral subtraction with high-pass filtering and warns about over-processing artefacts.

Run HIIT and Tabata rounds straight from a browser tab — no app install. Walks through configuring warm-up / work / rest / cool-down, Web Audio beeps for phase changes, and how the timer stays accurate when the tab is backgrounded.

Strip the password from a PDF you legitimately own, entirely in the browser. Covers the difference between owner and user passwords and when you should leave protection in place.

Compare three encodings web developers reach for daily, by purpose (safe embedding / transport compatibility / binary-to-text), scope of application, and character set. Includes common misuse patterns.

Pick between JPG, PNG, WebP and AVIF using four axes: compression scheme, file size, browser support, and transparency. Includes a browser-only conversion path between them.

Compare stateless JWTs and server-side session cookies for web auth across four axes: server-side state, revocation, scalability, and risk. Includes the different CSRF and XSS threat models each implies.

Compare Markdown, HTML, and RTF for READMEs, meeting notes, email drafts, and Word handoffs by portability, expressiveness, tooling, and how the recipient renders it.

Compare three checksums for download corruption detection, tamper detection, and duplicate file matching by speed, output length, collision resistance, and use case. Why CRC32 is not a tamper check.

Compare five audio formats by compression scheme (lossy / lossless / uncompressed), file size, compatibility, and use case. The right answer depends on whether you are distributing, editing, or archiving.

Compare four video containers by the codecs they typically wrap (H.264 / H.265 / VP9 / AV1), browser support, and use case (delivery / editing / archive). Maps each to social, NLE, and web embedding.

When to author in RGB and when in CMYK, compared by additive vs subtractive mixing, gamut, print process, and submission file formats. Why an RGB → CMYK conversion typically dulls saturated colors.

Compare three color spaces used in CSS, design tools, and image processing by perceptual uniformity, interpolation quality, and implementation availability. Why CSS Color Module 4 favours OKLCH.

Compare three hash algorithms used for file integrity, password storage, and digital signing by collision resistance, speed, and practical security. Explains why MD5 and SHA-1 are considered broken today.

Pick between SVG and PNG for logos, icons, diagrams, and photos using four axes: resolution dependence, file size, editability, and browser support. Includes the trade-offs when converting between them.

Compare TIFF, Adobe DNG, and vendor RAW formats (CR2 / NEF / ARW) for professional photo workflows, print submission, and long-term archival, across reversibility, vendor lock-in, editor support, and archive readiness.

Compare three Japanese encodings by character coverage, byte structure, and modern compatibility. Maps each to CSV exports, file handoffs, and legacy system integration — and the pairs that produce mojibake.

Compare audio bit depths for recording, editing, and distribution by dynamic range, file size, clipping headroom, and compatibility. Why 32-bit float matters during editing and when 16-bit is fine for distribution.

Compare YAML, JSON, and TOML for app configuration, CI/CD, and infrastructure-as-code by readability, expressiveness, parse strictness, and tooling. Includes YAML pitfalls like the Norway problem.

Compare ZIP, TAR.gz, and 7z for distribution packaging, backups, and Linux server transfer by compression ratio, cross-platform support, metadata preservation, and random-access reads.

Conversations captured in recordings, voice as biometric data, and context leaked through ID3 tags or background sounds — audio tools carry distinct risk layers. Here is how NoSend Tools handles each class without sending data outside your browser, with concrete references to Whisper, the Web Audio API, and lamejs.

Three major changes shipped in June 2026: share URLs rolled out to every tool, every tool gained a long-form article, and this blog launched. Here's the context and intent behind each.

Salary figures, freelance gross income, household composition, property valuations, estate estimates — the inputs to Japanese tax and social-insurance calculators rank among the most sensitive numbers in a person's life. Here is why the gap between "free online tax calculator" and "browser-only calculator" is especially meaningful for this category of tools.

The Japanese tools on NoSend Tools — kanji-to-hiragana, kanji-to-romaji, wakati-tokenize, furigana-html, japanese-counter-word and more — all run morphological analysis in the browser using kuromoji.js. Here is what the 12 MB IPADIC dictionary contains, how Viterbi tokenisation works, and what it means to run Japanese NLP without sending text to a cloud API.

HuggingFace's transformers.js uses ONNX Runtime Web to run models like Whisper and RMBG-1.4 entirely in the browser. Model weights are downloaded and cached locally; your audio and images never leave your machine.

GPS leaks from EXIF metadata, sensitive face data and unreleased designs passing through servers, and the amplification of privacy exposure when multiple photos are combined — image tools carry distinct risk layers. Here is how NoSend Tools handles each class without sending data outside your browser.

NoSend Tools' PDF suite is built on two libraries with very different jobs: pdf-lib for creation and editing, PDF.js for rendering and parsing. Here is why the split exists, what each library handles, why PDF structure makes this harder than it looks, and why keeping the whole pipeline inside the browser matters for documents that frequently contain personal or legal data.

ffmpeg.wasm compiles the C ffmpeg project into a WebAssembly module that runs entirely inside a browser. This post explains what is actually downloaded (~30 MB), how SharedArrayBuffer and cross-origin isolation enable multi-threaded encoding, and why the WASM sandbox itself enforces the "media never leaves your device" guarantee.

A privacy claim in a footer is just trust. NoSend Tools is built so the claim is verifiable in two ways: open DevTools and see no requests, or read the source on GitHub. Here is how to do each.

NoSend Tools launched in May 2026. Following the actual commit log, here's what got built in the first three weeks and how the architectural choices played out.

A decade ago, video conversion and PDF editing on the web defaulted to server-side processing because nothing else worked at acceptable speed. WebAssembly broke that assumption. Here's the technical stack NoSend Tools relies on, and why it matters.

"Files are deleted right after processing" is a promise users cannot verify after the fact. Once data leaves your machine over the network, it has already passed through caches, logs, and infrastructure outside your control. Here's why NoSend Tools doesn't transmit user input at all.