Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

7.15.2014
Mac Developer: Apple begins encrypting iCloud email sent between providers | 9to5Mac

Apple begins encrypting iCloud email sent between providers | 9to5Mac
The change is documented on Google’s transparency website that shows the percentage of emails encrypted in transit for both inbound and outbound email exchanges


I can't tell if the world is changing or if we all simply woke up and smelled the malware.


By : Tighten Apple begins encrypting iCloud email sent between providers | 9to5Mac 0 comments

7.13.2014
Mac Developer: Crypto certificates impersonating Google and Yahoo pose threat to Windows users | Ars Technica

Crypto certificates impersonating Google and Yahoo pose threat to Windows users | Ars Technica: "A blog post published Tuesday by Google security engineer Adam Langley said the fraudulent transport layer security (TLS) certificates were issued by the National Informatics Centre (NIC) of India, an intermediate certificate authority that is trusted and overseen by India's Controller of Certifying Authorities (CCA)."
My personal opinion is that many of the so-called trusted technologies that are in use on the internet have never really been properly audited or stress-tested. It's only as the malware networks reap their rewards that anyone is paying any real attention to exploits. Software is complex and hard to debug and it gets much worse when you consider a heterogeneous system such as the global internet. On the plus side, a truly heterogeneous system based on standards says that someone is going to emerge as a clear leader in this area.

I personally think the monolithic bloatware OS is going to be superseded in the coming years by something very minimalistic. Maybe a hypervisor. Something so small it can be completely tested and debugged.

This mad race to add OS features isn't really serving anyone. Except the marketers. In other words, people who don't have any vested long-term interest in the integrity of a user's experience. Just as long as the gloss is still the most prevalent consideration.

Oh, wait. Icon gloss has been deprecated for flat minimalistic design. By design I mean fashion fad.


7.11.2014
Mac Developer: Malwarebytes takes in $30M, its first round since launching in 2008 | VentureBeat | Deals | by Richard Byrne Reilly

Malwarebytes takes in $30M, its first round since launching in 2008 | VentureBeat | Deals | by Richard Byrne Reilly: "It is an astonishing tale that continues to amaze. Today, Malwarebytes’ anti-virus security software protects the computers and mobile devices of more than 206 million clients who are fiercely loyal, employs 140 — 90 of whom occupy R&D roles — and will soon begin acquiring smaller players in the space."
The number of malware attacks per minute is troubling.


7.05.2014
Mac Developer: Inside App Extensions: the Cloud Kit-savvy Photos future of Apple's iPhoto & Aperture

Inside App Extensions: the Cloud Kit-savvy Photos future of Apple's iPhoto & Aperture
At the same time, the fact that Extensions are always bundled in an app means that developers can deploy new Extensions as an app update (allowing Instagram to make its filters available in Photos, for example), and sell Extensions as an additional feature for their existing apps.


Even though everyone is articulating the idea that XPC is some new technology, it's really just a security-wise reworking of distributed objects. Which is great. Because DO is a terrific tool for Objective-C developers. The fact that it is coming to iOS is awesome. It signals the end of the era of monolithic iOS apps and the beginning of something entirely new.


6.28.2014
Mac Developer: genkiyooka/MacRuntimeSandboxDetection

genkiyooka/MacRuntimeSandboxDetection
For CFPlugIn and AudioUnit developers - how to check Mac App Store sandbox capabilities at runtime.


If you write system components (i.e. CoreAudio AudioUnit), CFPlugIn bundles or loadable Cocoa frameworks which are shared among applications (like haxies), you may wish to detect the capabilities of the sandbox environment into which you've been loaded so you can gracefully disable features and so forth.

Naive implementations of such loadable code often dump huge volumes of system messages into the Console.log - not useful to anyone.


Mac Developer: Secure Coding Guide: Introduction to Secure Coding Guide

Secure Coding Guide: Introduction to Secure Coding Guide
The document begins with “Types of Security Vulnerabilities,” which gives a brief introduction to the nature of each of the types of security vulnerability commonly found in software. This chapter provides background information that you should understand before reading the other chapters in the document. If you’re not sure what a race condition is, for example, or why it poses a security risk, this chapter is the place to start.


A good overview that just popped up on my radar.


6.16.2014
Mac Developer: Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) - Countering Trojan Horse attacks on Compilers

Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) - Countering Trojan Horse attacks on Compilers
In the DDC technique, source code is compiled twice: once with a second (trusted) compiler (using the source code of the compiler’s parent), and then the compiler source code is compiled using the result of the first compilation. If the result is bit-for-bit identical with the untrusted executable, then the source code accurately represents the executable.


You are in a maze of twisty passages, all alike.
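The DDC check quoted above, as an added example that is not from this blog or from the DDC paper: a toy Python model in which a compiler "binary" is a small JSON record, so both compilations and the bit-for-bit comparison can actually be run. The names `run_compiler` and `ddc_check`, the record fields and the sample sources are all constructed for illustration.

```python
import hashlib
import json

# Constructed stand-ins for real source trees.
COMPILER_SRC = "source of the self-hosting compiler under test"
TRUSTED_SRC = "source of an unrelated compiler we trust"


def digest(text: str) -> str:
    """Short identifier for a piece of source text."""
    return hashlib.sha256(text.encode()).hexdigest()[:16]


def make_binary(behaves_as: str, emitted_by: str, trojan: bool) -> bytes:
    """Toy executable: what it does, whose code generator wrote it, hidden payload."""
    record = {"behaves_as": behaves_as, "emitted_by": emitted_by, "trojan": trojan}
    return json.dumps(record, sort_keys=True).encode()


def run_compiler(binary: bytes, source: str) -> bytes:
    """Run a toy compiler binary on source text and return the output binary."""
    compiler = json.loads(binary)
    # Trusting-trust behaviour: the payload re-inserts itself only when the
    # compiler recognises that it is compiling the compiler's own source.
    infected = compiler["trojan"] and source == COMPILER_SRC
    return make_binary(digest(source), compiler["behaves_as"], infected)


def ddc_check(trusted: bytes, compiler_src: str, under_test: bytes):
    """Diverse double-compiling: returns (match, stage1, stage2)."""
    # Stage 1: the trusted compiler builds the compiler source.
    stage1 = run_compiler(trusted, compiler_src)
    # Stage 2: the stage-1 result builds the same source again.
    stage2 = run_compiler(stage1, compiler_src)
    # Bit-for-bit comparison against the executable we were handed.
    return stage2 == under_test, stage1, stage2


# Constructed sample binaries: one trusted compiler and two candidate
# executables that both claim to be built from COMPILER_SRC.
TRUSTED = make_binary(digest(TRUSTED_SRC), "vendor-toolchain", False)
SELF = digest(COMPILER_SRC)
HONEST = run_compiler(make_binary(SELF, SELF, False), COMPILER_SRC)
TROJANED = run_compiler(make_binary(SELF, SELF, True), COMPILER_SRC)

if __name__ == "__main__":
    for name, binary in (("honest", HONEST), ("trojaned", TROJANED)):
        ok, stage1, _ = ddc_check(TRUSTED, COMPILER_SRC, binary)
        print(f"{name}: stage2 matches = {ok}, stage1 matches = {stage1 == binary}")
```

In this model the stage-1 output never matches even the honest executable, because a different code generator emitted it; only the second compilation yields something comparable bit for bit.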


Mac Developer: Who Is Paunch? — Krebs on Security

Who Is Paunch? — Krebs on Security
“As I have done before, I am asking all the users as well as IT Security professionals to disable all plug-ins and add-ons in their browsers,” Fedotov warned forum members. “Do not think that if you are not users of Internet money (web money), there is no danger of being infected. In this case, the infected PCs are turned into socks proxies, spam/ddos bots and all the bad activity is done under your name, so that law enforcement can place all the blame on your shoulders. Safe surfing and good luck to you.”


I think this means you.


Mac Developer: Open Threat Exchange (OTX) | AlienVault

Open Threat Exchange (OTX) | AlienVault
AlienVault Open Threat Exchange (OTX™) is an open threat information sharing and analysis network, created to put effective security measures within the reach of all organizations.


This is a terrific idea.


6.12.2014
Mac Developer: Russian malware creators rule. Here's how they got so good | VentureBeat | Security | by Richard Byrne Reilly

Russian malware creators rule. Here's how they got so good | VentureBeat | Security | by Richard Byrne Reilly: "Eastern Europe, in particular Russia, is the malware capital of the world. That’s the assertion of Adam Kujawa, a former Navy cryptologist and head of malware intelligence for Malwarebytes, a growing San Jose security outfit that has 100 employees and was originally founded in the windswept Baltic country of Estonia."
Interesting read.


6.08.2014
Mac Developer: A programmer's view of Apple's new Swift language | VentureBeat | Dev | by Richard Byrne Reilly

A programmer's view of Apple's new Swift language | VentureBeat | Dev | by Richard Byrne Reilly
Objective-C is great and really powerful. It has served Apple well for a really long time. It’s older than the web though. It is pretty awkward to learn – especially for someone new to programming.

No real plans to change to Swift here, but Metal is definitely on the whiteboard. Of course, at the same time, love them tuples and other innovative new language features (Yay! I watched the Advanced Swift WWDC talk). And I will much enjoy watching new programmers getting very confused over the difference between structs and classes.

I will use Swift for small tasks. Although I suppose if I'm going to learn a new language it might as well be C#. That mono runtime is really slutty.

Although I do think there are some merits to eliminating header files (Modula-2 "Interface"), I think it would be good to have an option. Really the last thing I want to do when studying a module's interface is read implementation details.


6.06.2014
Mac Developer: Apple, Inc. opens up access to its WWDC developer utopia

Apple, Inc. opens up access to its WWDC developer utopia: "Another reason why the hands-on labs are seen by developers as being a priority at WWDC is that Apple now makes the videos of its technical sessions available almost immediately, through either the WWDC app or iTunes. "
Favorite aspect of the new WWDC. Although everyone, I'm sure, would love to attend, it's just not feasible.


6.05.2014
Mac Developer: Marc Andreessen & Bill Gates agree with Fox News on this: Snowden is a traitor | VentureBeat | Security | by Harrison Weber

Marc Andreessen & Bill Gates agree with Fox News on this: Snowden is a traitor | VentureBeat | Security | by Harrison Weber: "Silicon Valley investor and technologist Marc Andreessen today declared NSA whistleblower Ed Snowden a traitor on national television."

It's true that he spoke up. Who he betrayed is entirely dependent on your interpretation of the purpose of the Constitution of the United States of America.
"When they came for my friend I did not talk, when they came for my brother I did not talk, when they came for my neighbor I did not talk, soon they will come for me and there will be no one to speak for me".

I think he spoke for a lot of Americans.


6.04.2014
Mac Developer: Apple's top secret Swift language grew from work to sustain Objective C, which it now aims to replace

Apple's top secret Swift language grew from work to sustain Objective C, which it now aims to replace: "We simplified memory management with Automatic Reference Counting (ARC). "
I don't necessarily agree ARC simplifies anything. It's also at least 20 percent slower than non-ARC code. Noticeable on the ARM platform, not as much on the Desktop. Alas, the future.


Mac Developer: A programmer's view of Apple's new Swift language | VentureBeat | Gadgets | by Richard Byrne Reilly

A programmer's view of Apple's new Swift language | VentureBeat | Gadgets | by Richard Byrne Reilly: "Swift pulls a lot from various languages. There’s a lot that reminds me of JavaScript, Go, Ruby, and others. Objective-C is pretty old. It’s a really welcome change to see lots of features inspired by modern languages."
Of course, I'm no expert, but Swift looks more like Scala to me than any other language I've been exposed to.


6.02.2014
Mac Developer: Apple unveils Swift, a brand new Xcode programming language for developers

Apple unveils Swift, a brand new Xcode programming language for developers: "In a demonstration, Apple showed off the 'Swift Playground,' where developers write code and how results are displayed as soon as code is written. Apple says Swift was designed from the ground up for Cocoa and Cocoa Touch. Swift can be used for basic apps, like social networking, or advanced 3D games using the new 'Metal' graphics optimization. And because it operates alongside Objective-C, developers will be able to seamlessly interchange languages."
Looking forward to Swift and Metal. Together or individually.


5.31.2014
Mac Developer: WWDC 2014 Roundup: Enhanced iOS 8, redesigned OS X 10.10, new hardware (plus fresh details) | 9to5Mac

WWDC 2014 Roundup: Enhanced iOS 8, redesigned OS X 10.10, new hardware (plus fresh details) | 9to5Mac: "It is also uncertain which or if any of the above devices will be introduced at WWDC. Perhaps these are in store for later this year or next year."
I think it's a good sign that all of this is just speculation. Nobody let the cat out of the pajamas. Wait. As for user interface fashion, I'm still working on my HUD controls. HUD is dead, long live the HUD. Aqua is dead, long live the aqua.


5.22.2014
Mac Developer: Hackers claim to have exploit for iCloud, use vulnerability to disable Activation Lock

Hackers claim to have exploit for iCloud, use vulnerability to disable Activation Lock
Apple recently patched a similar vulnerability in OS X and iOS, but iTunes on Windows remains susceptible. Loman believes that the issue is "either a beginner's mistake, or it was done on purpose" and alleges that it may have been designed to allow intelligence agencies access to iCloud.


Hard to say where internet security is headed. So much code being written.


5.17.2014
Mac Developer: Sprint was the only telco to stand up to the NSA | VentureBeat | Security | by Barry Levine

Sprint was the only telco to stand up to the NSA | VentureBeat | Security | by Barry Levine: "He added that there is now some legislative movement in Congress to modify the basic problem, which Geiger described as ‘insufficient oversight at every level.’"
That's actually quite a funny statement. Insufficient oversight at every level. Usually you would associate that problem with some backwards country. Hard to say who is leading the free world these days and where we're being led.


5.06.2014
Mac Developer: Of Flash Player versions and codesigning and signatures | Jaharmi’s Irreality

Of Flash Player versions and codesigning and signatures | Jaharmi’s Irreality
However, it’s also difficult to understand why a large corporation with the resources of Adobe cannot codesign a piece of software as critical to the Mac OS X browsing experience as the Adobe Flash plugin is — especially when its “Install Manager” application is signed.


One of the many problems with Flash vulnerabilities. You can't even check to see if the Flash plug-in is authentic.

Yesterday I opened a Safari session on Mavericks and was pummelled with dialog boxes (reminiscent of Windows popups) asking me to upgrade Flash.

I was redirected to the Adobe website and didn't think to check the codesign on the Flash installer before installing. What a nightmare!


Mac Developer: Adobe Flash Security Update Tackles Zero-Day Flaw | The Mac Security Blog

Adobe Flash Security Update Tackles Zero-Day Flaw | The Mac Security Blog
Adobe Systems has released a brand new Adobe Flash security update to patch a zero-day flaw in its Flash Player software, updating to version 13.0.0.206 for Mac and Windows.


A little news to Tighten your day!


5.04.2014
Mac Developer: Here comes a new, Web-wide security threat -- this time for OAuth & OpenID

Here comes a new, Web-wide security threat -- this time for OAuth & OpenID | VentureBeat | Security | by Barry Levine - When the flaw he calls Covert Redirect is exploited, you might click on a phishing link. It shows a popup window from a trusted site, and asks you to authorize a new app using, say, your Facebook login. But it then grabs your personal info – such as email address, birth date, or contacts — and sends it to the attacker.


Personally, I am amazed by the data that JavaScript is able to grab from within a browser session. Keep that sandbox tightened!


5.03.2014
Mac Developer: Apple to routinely inform users of government data requests

Apple to routinely inform users of government data requests
Apple, Microsoft, Facebook and Google are planning to inform users of government data seizures on a more routine basis unless a gag order is handed down from the appropriate authorities, reports The Washington Post.


I'm not paranoid. People are really out to get me!


4.28.2014
Mac Developer: 8 reasons we love the Last Hacker (& a free event where you can meet him yourself) | VentureBeat | Dev | by J. O'Dell

8 reasons we love the Last Hacker (& a free event where you can meet him yourself) | VentureBeat | Dev | by J. O'Dell
That is exactly why we’ve invited Stallman to appear at a one-night-only engagement to talk about copyright and community. On May 2, 2014, at 6 p.m., he’ll be speaking at the Automattic Lounge in San Francisco, and you’re invited to attend free of charge!


It's been a really, really long time since I met Stallman handing out his Fanged Apple badges at the Software Development conference back in, hmmm. '89? '90?


4.19.2014
Mac Developer: How Apple dodged the Heartbleed bullet

How Apple dodged the Heartbleed bullet - When it announced plans to deprecate OpenSSL in June 2011, Apple wasn't aware of the Heartbleed flaw because it didn't yet exist. However, the company was aware of other problems with OpenSSL (libcrypto), a security toolkit Apple began using within the Common Data Security Architecture more than a decade ago.


OK, fair enough. But go ahead and try creating a fresh implementation of SSL without the source code from OpenSSL as a reference.


4.14.2014
Mac Developer: 85% of Windows XP users say they're not upgrading, antivirus company finds | VentureBeat | Security | by Devindra Hardawar

85% of Windows XP users say they're not upgrading, antivirus company finds | VentureBeat | Security - Only 15 percent of Avast customers surveyed said they planned to upgrade from XP, even though Microsoft officially ended support for the aging OS last week.
The opportunity here is to act like a grown-up software company (like IBM) and support your operating systems until your customers don't need it anymore.

How's that go again? Those that don't know history are doomed to repeat it? IBM. Dominant for 30 years.
BBC News - Half-century milestone for IBM mainframes - The first System 360 mainframe was unveiled on 7 April 1964 and its arrival marked a break with all general purpose computers that came before.


Mac Developer: Play Nintendo DS games on non-jailbroken devices with the nds4ios emulator | 9to5Mac

Play Nintendo DS games on non-jailbroken devices with the nds4ios emulator | 9to5Mac
The app gets around Apple’s restrictions by using an enterprise provisioning profile reports TouchArcade. This is normally meant for businesses to distribute apps to company employees, but nds4ios is exploiting it as a way to enable widespread app distribution.


I'm probably not alone in thinking that the App Store is now completely overcrowded with junk that would likely not be clogging the pipes if there were simpler ways to do ad-hoc distribution.


Copyright © 2005-2012
All Rights Reserved
Tighten Pro