Links...
 
Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

1.23.2017
Mac Developer: Annoyingly precocious teen who ruined Trek is now an asteroid • The Register

Annoyingly precocious teen who ruined Trek is now an asteroid • The Register: "Actor Asteroid 391257, who rose to prominence for playing annoyingly precocious teen Starfleet member Wesley Crusher in Star Trek: The Next Generation, now has an asteroid named after him."

This is not fake news.

Labels:

By : Tighten Annoyingly precocious teen who ruined Trek is now an asteroid • The Register 0 comments

1.19.2017
Mac Developer: Disposable, anonymous servers, via Bitcoin and Python • The Register

Disposable, anonymous servers, via Bitcoin and Python • The Register: "Teran McKinney, a Texas-based systems engineer with a professed fondness for Ayn Rand, is taking disposable infrastructure a step further with a service called SporeStack that allows developers to deploy servers anonymously, paid for in Bitcoin."

Disposably yours.

Labels:

By : Tighten Disposable, anonymous servers, via Bitcoin and Python • The Register 0 comments

1.18.2017
Mac Developer: 'Fruitfly' malware patched by Apple relies on 'ancient' Mac system calls

'Fruitfly' malware patched by Apple relies on 'ancient' Mac system calls: "The company noted that Apple has already released a silent update for macOS, dubbing the malware "Fruitfly." Malwarebytes' own app identifies the code as "OSX.Backdoor.Quimitchin," making a reference to ancient Aztec spies."

libJPEG, what?

Labels: , ,

By : Tighten 'Fruitfly' malware patched by Apple relies on 'ancient' Mac system calls 0 comments

1.16.2017
Mac Developer: Windows 10 Anniversary Update crushed exploits without need of patches • The Register

Windows 10 Anniversary Update crushed exploits without need of patches • The Register: "The August updates brought in a series of operating system security improvements including boosts to Windows Defender and use of AppContainer, designed to raise the difficulty of having zero day exploits execute on patched systems."

Hear, hear.

Labels:

By : Tighten Windows 10 Anniversary Update crushed exploits without need of patches • The Register 0 comments

Mac Developer: US appeals court says public has right to sue Apple over App Store exclusivity

US appeals court says public has right to sue Apple over App Store exclusivity: "A U.S. federal appeals court ruled on Thursday that people do indeed have the right to sue Apple over limiting iOS devices to apps from the App Store, potentially paving the way for an open app marketplace in the future."

Caveat emptor.

Labels: ,

By : Tighten US appeals court says public has right to sue Apple over App Store exclusivity 0 comments

1.15.2017
Mac Developer: How Apple exploded Europe's crony capitalism • The Register

How Apple exploded Europe's crony capitalism • The Register: "I remember a senior Nokia engineer explaining in astonishment how the iPhone's frame rate was 60fps – more than twice the frame rate needed to be "smooth". For a competitive product analysis, Nokia had brought in expensive movie cameras to film the iPhone's UI animations to confirm this fact. Apple was investing heavily in GPU hardware that nobody needed. "Why would they bother?" they all wondered."

Everybody sit on your hands! Sit on your hands! Yeah! Sit on your hands, yeah!

Labels:

By : Tighten How Apple exploded Europe's crony capitalism • The Register 0 comments

1.12.2017
Mac Developer: FBI takes gag out of Cloudflare's mouth after three-year legal battle • The Register

FBI takes gag out of Cloudflare's mouth after three-year legal battle • The Register: "Cloudflare says it is also involved in a case being pursued by the EFF and Credo Mobile that challenges the FBI's authority to file the NSLs, and asks that the gag orders be ruled unconstitutional."

Things that go hmmmm in the night.

Labels:

By : Tighten FBI takes gag out of Cloudflare's mouth after three-year legal battle • The Register 0 comments

1.11.2017
Mac Developer: Digital video recorder installers master password list 'leaked' – claims • The Register

Digital video recorder installers master password list 'leaked' – claims • The Register: "The vendor's 2017 list of superuser passwords for certain DVRs – designed only for CCTV installers to access customer installations – appears to have leaked online."

Master password? Now there's a good idea.

Labels:

By : Tighten Digital video recorder installers master password list 'leaked' – claims • The Register 0 comments

1.09.2017
Mac Developer: Hacker publishes GitHub secret key hunter • The Register

Hacker publishes GitHub secret key hunter • The Register: "Reddit users praising the tool have claimed Amazon already searches GitHub for AWS keys and shutters the respective service when any are found."

When the private is published.

Labels: ,

By : Tighten Hacker publishes GitHub secret key hunter • The Register 0 comments

1.06.2017
Mac Developer: CIA director AOL email hacker coughs to crime • The Register

CIA director AOL email hacker coughs to crime • The Register: "Justin Liverman, arrested by the FBI for breaking into the AOL email account of CIA director John Brennan, has today signed a guilty plea deal in the face of what his lawyers described as "draconian penalties.""

Hmm.

Labels:

By : Tighten CIA director AOL email hacker coughs to crime • The Register 0 comments

12.30.2016
Mac Developer: How Police Get Your Private Facebook Data | The Daily Dot

How Police Get Your Private Facebook Data | The Daily Dot: "It should come as no surprise, then, that the latest summary report by the social media network indicated another increase in requests for Facebook user account information by the U.S government and law enforcement agencies."

That's a TMI!

Labels:

By : Tighten How Police Get Your Private Facebook Data | The Daily Dot 0 comments

Mac Developer: Death to Apple's Mac Mini: I made a Hackintosh

Death to Apple's Mac Mini: I made a Hackintosh: "There's an option known as Hackintosh. It's a process of getting MacOS to run on PCs, and it's possible thanks to a group of way-nerdier-than-I-am people who are always finding new ways to make it work."

Maybe one day Mac OS will be like Linux simply because Apple cares more about the iPhone. Could be good thing. Could be a bad thing. Could be nothing.

Labels: , , ,

By : Tighten Death to Apple's Mac Mini: I made a Hackintosh 0 comments

12.29.2016
Mac Developer: Trio charged with $4m insider trading by hacking merger lawyers • The Register

Trio charged with $4m insider trading by hacking merger lawyers • The Register: "Manhattan US attorney Preet Bharara said: "This case of cyber meets securities fraud should serve as a wake-up call for law firms around the world: you are and will be targets of cyber hacking, because you have information valuable to would-be criminals.”"

Dang! Both Hong and Hung.

Labels: ,

By : Tighten Trio charged with $4m insider trading by hacking merger lawyers • The Register 0 comments

Mac Developer: Apple engineer briefly discusses early iPhone work, hardware development security

Apple engineer briefly discusses early iPhone work, hardware development security: "Lambert claims that he wrote 6% of the MacOS Kernel as measured by lines of code, or about 100,000 lines a year, much of which was repurposed for the iOS kernel."

Code can last a long time if the layer underneath it is solid.

Labels:

By : Tighten Apple engineer briefly discusses early iPhone work, hardware development security 0 comments

12.23.2016
Mac Developer: Apple drops requirement for apps to use HTTPS by 2017 • The Register

Apple drops requirement for apps to use HTTPS by 2017 • The Register: "App Transport Security (ATS) arrived in 2015 iOS and OS X in 2015, in Apple's own words, “improves privacy and data integrity by ensuring your app’s network connections employ only industry-standard protocols and ciphers without known weaknesses.” Which in practical terms means apps have to use HTTPS.

Pushing you to push the envelope.

Labels:

By : Tighten Apple drops requirement for apps to use HTTPS by 2017 • The Register 0 comments

Mac Developer: Leaked documents show breadth of iPhone data accessible by Cellebrite forensic tool

Leaked documents show breadth of iPhone data accessible by Cellebrite forensic tool: "Cellebrite is one of a number of firms specializing in cellphone cracking technology, or more specifically mobile device intrusion and data retrieval software and hardware. The company claims its UFED tool can bypass passcode locks, extract and decode almost all data from hundreds of smartphone and tablet models, including Apple hardware. "

More things that go hmmmm in the night.

Labels:

By : Tighten Leaked documents show breadth of iPhone data accessible by Cellebrite forensic tool 0 comments

12.21.2016
Mac Developer: Report: Application security continues to be a problem - SD Times

Report: Application security continues to be a problem - SD Times: "Application security continues to be a problem"

Don't try to read this article in Google Chrome.

Labels:

By : Tighten Report: Application security continues to be a problem - SD Times 0 comments

12.18.2016
Mac Developer: Macbook seized or stolen? But you've set a FileVault password, right? Ha, it's useless • The Register

Macbook seized or stolen? But you've set a FileVault password, right? Ha, it's useless • The Register: "However, Ulf Frisk, a security researcher based in Sweden, found that he could plug an assembled device running software called PCILeech into a Mac and obtain the FileVault 2 encryption password using a direct memory access (DMA) attack during the reboot process."

Things that go hmmm in the night.

Labels:

By : Tighten Macbook seized or stolen? But you've set a FileVault password, right? Ha, it's useless • The Register 0 comments

12.16.2016
Mac Developer: Top tech company's IP was looted by China, so it plans to hack back • The Register

Top tech company's IP was looted by China, so it plans to hack back • The Register: "The poster child for the green energy revolution is in ruins: its executives say they have hard evidence that China's People's Liberation Army stole its breakthrough technology before it could commercialise it. So now the company plans to hack back."

It's not your mother's internet security.

Labels:

By : Tighten Top tech company's IP was looted by China, so it plans to hack back • The Register 0 comments

12.15.2016
Mac Developer: Slack adds group & individual video calls to workplace chat platform

Slack adds group & individual video calls to workplace chat platform: "Slack on Tuesday announced the launch of video calling for its popular workplace collaboration platform, which is rolling out to Mac, Windows, and Chrome users over the next few days."

Is it WebRTC or the revenge of the plug-in. Eventually JavaScript is not enough and then the browser (Web App) exposes a new attack surface with a huge user base. Maybe the browser should run in it's own VM. Now where have I heard that before?

Labels:

By : Tighten Slack adds group & individual video calls to workplace chat platform 0 comments

12.13.2016
Mac Developer: Google begins releasing its secret FBI subpoenas

Google begins releasing its secret FBI subpoenas: "The search giant posted eight of the national security requests it was allowed to disclose."

Truly, big brother is now watching you.

Labels:

By : Tighten Google begins releasing its secret FBI subpoenas 0 comments

12.12.2016
Mac Developer: P0wnographer finds remote code exec bug in McAfee enterprise • The Register

P0wnographer finds remote code exec bug in McAfee enterprise • The Register: ""At a first glance, Intel's McAfee VirusScan Enterprise for Linux has all the best characteristics that vulnerability researchers love: it runs as root, it claims to make your machine more secure, it's not particularly popular, and it looks like it hasn't been updated in a long time," Fasano writes."

The problem with a protection tool like this is that exposes another attack surface.

Labels: , ,

By : Tighten P0wnographer finds remote code exec bug in McAfee enterprise • The Register 0 comments

12.11.2016
Mac Developer: The unbearable fragility of modern Mac OS X development | publicspace.net blog

The unbearable fragility of modern Mac OS X development | publicspace.net blog: "There I’ve done it again: I shipped a broken A Better Finder Rename release despite doubling down on build system verification, code signing requirements validation and gatekeeper acceptance checks, automation, quality assurance measures, etc."

Well said, Fred!

Labels:

By : Tighten The unbearable fragility of modern Mac OS X development | publicspace.net blog 0 comments

12.07.2016
Mac Developer: Inside the Cybercrime World of Russia's Hackers | VICE | Canada

Inside the Cybercrime World of Russia's Hackers | VICE | Canada: "On an all new episode of CYBERWAR, we investigate the big business of Russian cybercrime and talk with hackers who say some get a pass when they work double duty for Putin and his geopolitical ambitions."

Let's cyber.

Labels:

By : Tighten Inside the Cybercrime World of Russia's Hackers | VICE | Canada 0 comments

12.06.2016
Mac Developer: Sony kills off secret backdoor in 80 internet-connected CCTV models • The Register

Sony kills off secret backdoor in 80 internet-connected CCTV models • The Register: "Sony has killed off what, charitably, looks like a debug backdoor in 80 of its web-connected surveillance cameras that can be exploited to hijack the devices."

Apparently, a new meaning for the term secret.

Labels:

By : Tighten Sony kills off secret backdoor in 80 internet-connected CCTV models • The Register 0 comments

Mac Developer: Millions exposed to malvertising that hid attack code in banner pixels | Ars Technica

Millions exposed to malvertising that hid attack code in banner pixels | Ars Technica: "Millions of people visiting mainstream websites over the past two months have been exposed to a novel form of malicious ads that embed attack code in individual pixels of the banners."

Imagine that: they can root your computer by running a banner ad.

Labels:

By : Tighten Millions exposed to malvertising that hid attack code in banner pixels | Ars Technica 0 comments

Mac Developer: Apple AI researchers gagged no more, now allowed to publish and confer with colleagues

Apple AI researchers gagged no more, now allowed to publish and confer with colleagues: "After years of silence from Apple's researchers over fear of losing commercial intellectual property, the company is now allowing employees in artificial intelligence to not only publish their research, but also interface with other academics in the field to further the overall development of the technology."

Either the end of the beginning or the beginning of The End.

Labels:

By : Tighten Apple AI researchers gagged no more, now allowed to publish and confer with colleagues 0 comments

 

 
 
 

 Tighten    
 Generate    
 Secure    
 Inspect    
 Quarantino    
 Downloads    
 Support    
 Documentation    
 Tighten App.app    
 Tighten Pro.app    
 PKCS#7Viewer.app    
 About    
 Hire    
 Contact    
 Blogger    
 FaceBook    
 iTunes Direct Link    
 Hollywood CA    
 spctl --assess -vvv    
 spctl --master-enable    
 spctl --master-disable    
 Mac App Store Receipt Validation    
 Apple Code Signing Certificates    
 Gatekeeper Developer ID Apple    
 Xcode codesign tutorial    
 [Site Map]    
 


Copyright © 2005-2015
All Rights Reserved
Tighten Pro