C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation
Tighten Pro - in the Mac App Store
Tighten Pro is now available in the Mac App Store.
Simply click on the icon to the left to purchase directly from Apple.
Or choose PKCS#7Viewer.app by clicking the image to the right.
Mac Developer: Mysterious internet data hijacking operation discovered | The Verge
Mysterious internet data hijacking operation discovered | The Verge - A sizable chunk of internet traffic made an unnoticed pit stop in Belarus and Iceland at several points over the past year, a security firm said today. Renesys, a company that monitors online activity, says some internet traffic was hijacked en route to the US and other locations, including government destinations as part of a scheme of unknown origin.
IOW, the Russians are doing it as well.
Mac Developer: This Is the MIT Surveillance Video That Undid Aaron Swartz | Threat Level | Wired.com
This Is the MIT Surveillance Video That Undid Aaron Swartz | Threat Level | Wired.com - the network closet is crammed with a jumble of Sharpie graffiti dating back to the early 1980s — earlier generations of hackers at the institution that invented hacking, going places they shouldn’t go, doing things they shouldn’t do, leaving their mark at the very spot where, on January 4, 2011, MIT lost its tolerance for such behavior.
Think Different doesn't really exist anymore. Except maybe in the Raspberry Pi.
Labels: security, think different
Mac Developer: Google wants employees using Macs, not Windows or Chrome OS PCs
Google wants employees using Macs, not Windows or Chrome OS PCs - Speculation says the growing popularity of the iPhone is reason for slow developments for Mac enterprise tools.
Mac Developer: How Too Many SMS Messages Can Shut Down Your Nexus Phone - Arik Hesseldahl - News - AllThingsD
How Too Many SMS Messages Can Shut Down Your Nexus Phone - Arik Hesseldahl - News - AllThingsD - If you have a Google Nexus 4 or Nexus 5 smartphone, you may want to know about an interesting security story coming out of a conference in Romania today.
The bad news is that the NSA has already rooted your phone and is using it as part of a coordinated attack to harvest data from China.
Mac Developer: Wal-Mart, Coca-Cola, McDonalds spying on nonprofits -- allegedly with former NSA, CIA hackers | VentureBeat | Security | by John Koetsier
Mac Developer: Here’s Richard Stallman’s letter to Stratfor hacker’s judge demanding lesser sentence | VentureBeat
Here’s Richard Stallman’s letter to Stratfor hacker’s judge demanding lesser sentence | VentureBeat - Free Software Foundation president Richard Stallman tried to get Stratfor hacker Jeremy Hammond’s judge to only hand down a community service sentence.
My favorite part of the article is "erroneously called Linux". I met Stallman once in 1992 and he was handing out these fanged Apple badges. I had mine for a long time, not realizing it might be a collectible one day (like now).
Labels: gnu os, linux
Mac Developer: CIA’s Financial Spying Bags Data on Americans - Siobhan Gorman, Devlin Barrett and Jennifer Valentino-DeVries - News - AllThingsD
CIA’s Financial Spying Bags Data on Americans - Siobhan Gorman, Devlin Barrett and Jennifer Valentino-DeVries - News - AllThingsD - The Central Intelligence Agency is building a vast database of international money transfers that includes millions of Americans’ financial and personal data, officials familiar with the program say.
The good news is that you have nothing to fear unless you're a criminal.
Labels: CIA, security
Mac Developer: Mobile devs: Google will officially translate your Android apps | VentureBeat
Mobile devs: Google will officially translate your Android apps | VentureBeat - Google announced that it would be opening up a translation service at Google I/O and officially released it.
What's good for global revenue is good for both publisher and distributer.
Mac Developer: Developers need to start thinking about security now | VentureBeat
Developers need to start thinking about security now | VentureBeat - The fundamental relationship between security and development is broken.
It’s broken because security teams drive security, and development teams let them. There needs to be a re-balancing of this relationship, driven by an awakening in the developer community.
Some thoughts about security and development.
Labels: security, security tools mac
Mac Developer: Is a Nexus 5 Phone Running on KitKat Any Sweeter? - Walt Mossberg - Personal Technology - AllThingsD
Is a Nexus 5 Phone Running on KitKat Any Sweeter? - Walt Mossberg - Personal Technology - AllThingsD - KitKat is also somewhat smoother and faster than its predecessor, Jelly Bean, at least on the Nexus 5. All of these KitKat features worked fine, but none was a huge deal to me.
Sometimes less is more.
Labels: android, ios
Mac Developer: Apple's increasing cultural influence colors "Obama crash"
Apple's increasing cultural influence colors "Obama crash"
Businessweek for its November 3 edition metaphorically portrays U.S. President Obama as "crashed," and in need of a reboot, depicting him as a partially loaded image with the wait beach ball cursor from OS X."
I'm not sure this is progress. Is it? Beachball is the new blue screen of death?
Mac Developer: IBM surrenders $600M CIA cloud deal to Amazon | VentureBeat
IBM surrenders $600M CIA cloud deal to Amazon | VentureBeat - IBM didn’t expect to lose to Amazon, which has historically been dismissive of private cloud solutions.
You have to wonder, exactly what business is Amazon.com in? Oh, yeah, the everything business.
Labels: aws, cloud computing
Mac Developer: Apple’s new OS X Mavericks crashes far more frequently for some (including me) | VentureBeat
Apple’s new OS X Mavericks crashes far more frequently for some (including me) | VentureBeat - But the new OS release, named for the famous surfing location in northern California, also crashes just like the big waves it was named for.
I have Leopard 10.5 running on a PowerBook and haven't rebooted it in over a year. Might be two years. Low-power, nice and cool, crash-less. In short, what an operating system is supposed to be.
I remember my TiBook running 10.2 was the same way. Simple. Reliable.
Labels: mac os x
Mac Developer: Here’s how Apple assaulted Microsoft at its iPad Air event — in 3 crushing quotes | VentureBeat
Here’s how Apple assaulted Microsoft at its iPad Air event — in 3 crushing quotes | VentureBeat - One of the more interesting parts of Apple’s announcement today came from Apple engineering VP Craig Federighi, who announced that Mavericks, the latest version of OS X, would be completely free for all Mac users.
The logical progression is to start licensing motherboard designs to 3rd parties so that the grey area hackintosh market can legitimately join the OS X installed base.
Mac Developer: California man sues Apple CEO Tim Cook over automatic iOS 7 update
California man sues Apple CEO Tim Cook over automatic iOS 7 update - In 2009, Apple was sued by another California man who alleged that the Cupertino company secretly conspired with the Italian mafia to threaten him into becoming a fashion model.
Regrettably, I have just returned from my assignment as a fashion model. Had I known litigation was an option, I might have acted differently.
Mac Developer: Microsoft: Everyone stop running so the fat kid Win RT can catch up • The Register
Microsoft: Everyone stop running so the fat kid Win RT can catch up • The Register - Microsoft has shifted into a faster, annual release cycle in the place where a fast release cycle isn't really wanted – on the enterprise desktop. And just where a faster release cycle is needed, it moved the Phone team into a slower, 18-month release cycle.
The Register says it best: people whose day to day activities are not tweeting and instagramming do not want a new operating system every year. Let alone a new operating system that requires the retraining of 100,000 staff at the organization.
Labels: release cycle
Mac Developer: NASA’s $1.1B Jupiter probe reboots after unexpected cat nap | VentureBeat
NASA’s $1.1B Jupiter probe reboots after unexpected cat nap | VentureBeat - The folks at NASA’s Southwest Research Institute are undoubtedly breathing heavy sighs of relief today after discovering that the space agency’s $1.1 billion Juno probe decided to turn back on after unexpectedly “falling asleep.”
Hopefully it's running XPSP3 and not FreeBSD or Linux. Otherwise I'd just look plain silly.
Mac Developer: Some iPhone 5s owners reporting 'Blue Screen of Death' with iWork apps
Some iPhone 5s owners reporting 'Blue Screen of Death' with iWork apps - Posts regarding the Blue Screen of Death (BSoD) began to appear on Apple's support boards in September, with users claiming that their iPhone 5s units would crash when using Apple's iWork apps.
Sometime in the 90s, Richard Gabriel had a though-provoking article in his column observing that in biological systems, very fast evolution comes before extinction. It's been awhile and I may be inaccurately paraphrasing, so I'll say it here: nobody needs a new operating system every year. Nobody needs an operating system with a ton of new features that causes existing application software to cease to function incorrectly.
In the end, Linux will be running most of the important systems in the world because nobody is forcing anyone to upgrade their systems for some commercially motivated strategy guised as a benefit to the ultimate user of the product or in response to some perceived market need generated by retarded online "journalists" or worse "M&A" investment bankers. I could just as easily have written this post on my G4 PowerBook, which is overloaded with 10.5 and is still working perfectly after just 5 years.
The consumer culture of disposable things is going to be replaced by a culture of valued, recyclable, renewable things.
Labels: ios, mac os x
Mac Developer: Apple’s iOS 7 Update Causing Trouble for Some School iPad Deployments - John Paczkowski - News - AllThingsD
Apple’s iOS 7 Update Causing Trouble for Some School iPad Deployments - John Paczkowski - News - AllThingsD - Apple did not realize that installing iOS 7 would remove our (and thousands of organizations across the country) safety protection measure, which now makes the iPad devices unfiltered when accessing the Internet away from school.
Hopefully it should be obvious that everything that is not a phone should not be treated like a fashion accessory. Including the Mac.
Labels: app security
Mac Developer: Former Microsoft privacy chief no longer trusts company | Microsoft - CNET News
Former Microsoft privacy chief no longer trusts company | Microsoft - CNET News - Bowden, whose Twitter feed identifies him as "ex-Chief Privacy Adviser MSFT (hey, I tried)," told the conference he was not aware of the program's existence during his Microsoft tenure.
MSFT "privacy advisor" unaware of NSA PRISM program. Now that's what I call transparency! It's so transparent, you can't see it.
Mac Developer: NSA Internet Spying Sparks Race to Create Offshore Havens for Data Pri - Elizabeth Dwoskin and Frances Robinson - Voices - AllThingsD
NSA Internet Spying Sparks Race to Create Offshore Havens for Data Pri - Elizabeth Dwoskin and Frances Robinson - Voices - AllThingsD
The companies promise that by encrypting email through German servers and hewing to the country’s strict privacy laws, U.S. authorities won’t easily be able to pry inside. "
You can run, but you can't hide. They have the backbone people. The backbone.
Mac Developer: Please, no printf
I had a good laugh today reading a job posting on Monster that required the candidate "use a real debugger" and not use print statements. Must be one of those companies dumping shovelware in the iOS App Store. You know, the apps that have fancy UX design and sometimes do something correctly before crashing inexplicably.
I often see postings on elance and odesk that read "Instagram clone: budget $50"
With comedy like this available in real life, who needs The Onion?
Mac Developer: Los Angeles schools halt home use of district-issued iPads after students hack security restrictions
Los Angeles schools halt home use of district-issued iPads after students hack security restrictions - The Los Angeles Unified School District has suspended home use of Apple's iPad by students until further notice following the revelation that a number of students had bypassed the school-installed security features on the device.
Hard to believe people are shocked by this. High school was maybe the only time I had to muddle around with the 6502 assembly innards of the Apple ][ and C64. After that, C was preferred because it simply did everything I needed without the inconvenience of opcodes.
Mac Developer: Fake iMessage app for Android spoofs Mac mini, routes chats through China [u]
Fake iMessage app for Android spoofs Mac mini, routes chats through China [u] - A new messaging app aping the iMessage name has shown up on Google's Play Store, but Android device owners may want to think twice before downloading the unsanctioned app, as it doesn't seem to work as advertised and may be doing a bit more than it lets on.
This is the future of security. A world so complex, mere mortals cannot be expected to understand risks. I don't think iOS is immune.
Labels: security, tighten
Mac Developer: The Pentagon as Silicon Valley’s Incubator - NYTimes.com
The Pentagon as Silicon Valley’s Incubator - NYTimes.com
former Department of Defense and intelligence agency operatives have headed to Silicon Valley to create technology start-ups specializing in tools aimed at thwarting online threats."
I like the thought here "The enemy of my enemy is my friend."
Mac Developer: Swrve Says New Fraud Filter Fights Fake In-App Purchases - Eric Johnson - Commerce - AllThingsD
Swrve Says New Fraud Filter Fights Fake In-App Purchases - Eric Johnson - Commerce - AllThingsD: "Pirates! That is, players who spend nothing and get everything a game can offer, by circumventing the in-app store. "
Labels: app security, in-app purchase, validation
Mac Developer: First malware in the wild found exploiting Bluebox's Android app signing flaw
First malware in the wild found exploiting Bluebox's Android app signing flaw: "Earlier this month, the popular Facebook app was caught harvesting users' entire phone books for upload into the social network's vast graph, without notice, and subsequently 'sharing' information with other users 'having some connection to them' on the site. "
They're getting into the American spirit popularized by the NSA! This is an important read because it highlights the reasons that an application bundle needs both external (system verified) and internal (application self-verified) code signatures.
At least, that's my opinion.
Labels: android, facebook, security