Links...
 
Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

11.02.2017
Mac Developer: The underground story of Cobra, the 1980s’ illicit handmade computer | Ars Technica

The underground story of Cobra, the 1980s’ illicit handmade computer | Ars Technica: "Back then, Romania’s hardware industry mainly cloned the British Sinclair ZX Spectrum, a machine released in the UK in 1982. This device was copied all across Central and Eastern Europe. The ZX Spectrum was an 8-bit personal computer built around a Zilog Z80 A CPU running a BASIC interpreter, an easy-to-use programming language widespread on microcomputers at that time. It used a TV set as a display and audio cassettes for storage."

I have seen the future and it is the past.

Labels:

By : Tighten The underground story of Cobra, the 1980s’ illicit handmade computer | Ars Technica 0 comments

10.26.2017
Mac Developer: Google engineer proves any iPhone app with permission to access the camera is capable of spying

Google engineer proves any iPhone app with permission to access the camera is capable of spying: "Once granted, Krause advises it is possible for an app to photograph and record from the cameras any time the app is in the foreground, without informing the user the images and video are being captured with flashes or other indictors. "

Troubling but not nearly as troubling as the gaping security holes on Android.

Labels:

By : Tighten Google engineer proves any iPhone app with permission to access the camera is capable of spying 0 comments

10.16.2017
Mac Developer: Apple confirms KRACK Wi-Fi WPA-2 attack vector patched in iOS, tvOS, watchOS, macOS betas

Apple confirms KRACK Wi-Fi WPA-2 attack vector patched in iOS, tvOS, watchOS, macOS betas: "AppleInsider has learned that Apple has rectified the "KRACK Attack" Wi-Fi WPA-2 exploit in "recent" macOS, iOS, tvOS, and watchOS betas —but was unable to confirm that a patch is coming for the AirPort series of routers."

The other shoe dropping...

Labels:

By : Tighten Apple confirms KRACK Wi-Fi WPA-2 attack vector patched in iOS, tvOS, watchOS, macOS betas 0 comments

Mac Developer: Wi-Fi security has been breached, say researchers - The Verge

Wi-Fi security has been breached, say researchers - The Verge: "At about 7AM ET this morning, researchers revealed details of a new exploit called KRACK that takes advantage of vulnerabilities in Wi-Fi security to let attackers eavesdrop on traffic between computers and wireless access points."

Kind of a major fail.

Labels: ,

By : Tighten Wi-Fi security has been breached, say researchers - The Verge 0 comments

10.15.2017
Mac Developer: Cult of Mac Magazine: Why you shouldn’t trust every Apple ID prompt, and more | Cult of Mac

Cult of Mac Magazine: Why you shouldn’t trust every Apple ID prompt, and more | Cult of Mac: "It’s not uncommon to see a random popup that asks you to “Sign In to iTunes Store” on iOS. They sometimes appear unexpectedly, but they’re usually genuine. There is a chance that the app’s developer is phishing for your Apple ID password. We’ll show you an easy trick to distinguish legit popups from phishing attempts."

The beginning of the end...

Labels:

By : Tighten Cult of Mac Magazine: Why you shouldn’t trust every Apple ID prompt, and more | Cult of Mac 0 comments

10.11.2017
Mac Developer: Israeli spies 'watched Russian agents breach Kaspersky software' - BBC News

Israeli spies 'watched Russian agents breach Kaspersky software' - BBC News: "Israeli spies looked on as Russian hackers breached Kaspersky cyber-security software two years ago, US media report. The Russians were allegedly attempting to gather data on US intelligence programs, according to the New York Times and Washington Post."

Well, they can still sell to the Eastern Bloc and Brazil et al.

Labels:

By : Tighten Israeli spies 'watched Russian agents breach Kaspersky software' - BBC News 0 comments

9.29.2017
Mac Developer: Security study finds old or improperly updated Macs in limited danger from EFI attack vectors

Security study finds old or improperly updated Macs in limited danger from EFI attack vectors: " Duo suggests that Mac system administrators use the Apple-provided combo OS update, instead of delta updates —and to not use restore images to update machines even though it may be quicker."

Executive summary!

Labels:

By : Tighten Security study finds old or improperly updated Macs in limited danger from EFI attack vectors 0 comments

9.28.2017
Mac Developer: Patch alert! Easy-to-exploit flaw in Linux kernel rated 'high risk' • The Register

Patch alert! Easy-to-exploit flaw in Linux kernel rated 'high risk' • The Register: "If a malicious program is built as a Position Independent Executable (PIE), the loader can be exploited to map part of that application's data segment over the memory area reserved for its stack. This can result in memory corruption and possible local privilege escalation."

It's a lot of surface to keep secure.

Labels:

By : Tighten Patch alert! Easy-to-exploit flaw in Linux kernel rated 'high risk' • The Register 0 comments

9.26.2017
Mac Developer: Deloitte is a sitting duck: Key systems with RDP open, VPN and proxy 'login details leaked' • The Register

Deloitte is a sitting duck: Key systems with RDP open, VPN and proxy 'login details leaked' • The Register: "In addition, it appears that a Deloitte employee uploaded company proxy login credentials to his public Google+ page. The information was up there for over six months – and was removed in the past few minutes."

Trusted computing.

Labels: ,

By : Tighten Deloitte is a sitting duck: Key systems with RDP open, VPN and proxy 'login details leaked' • The Register 0 comments

Mac Developer: macOS's Keychain vulnerability reported earlier in Sept., Apple patch likely coming soon

macOS's Keychain vulnerability reported earlier in Sept., Apple patch likely coming soon: "The Keychain password vulnerability affecting multiple versions of macOS —including High Sierra —was reported to Apple on Sept. 7, and will likely be patched by the company in the near future, according to the security researcher who first publicized the issue. "

Hmmm.

Labels:

By : Tighten macOS's Keychain vulnerability reported earlier in Sept., Apple patch likely coming soon 0 comments

9.25.2017
Mac Developer: In spectacular fail, Adobe security team posts private PGP key on blog | Ars Technica

In spectacular fail, Adobe security team posts private PGP key on blog | Ars Technica: "But instead of clicking on the "public" button, the person responsible clicked on "all" and exported both keys into a text file. Then, without realizing the error, the text file was cut/pasted directly to Adobe's PSIRT blog."

Hmmm.

Labels: ,

By : Tighten In spectacular fail, Adobe security team posts private PGP key on blog | Ars Technica 0 comments

Mac Developer: Justice Department goes nuclear on Google in search warrant fight | Ars Technica

Justice Department goes nuclear on Google in search warrant fight | Ars Technica: "The Supreme Court is expected to announce any day whether it will hear the government's appeal of that Microsoft case, which has huge privacy ramifications for consumers and for the tech sector. The sector is being asked by the US government to comply with court orders that sometimes conflict with the laws of where the data is stored."

Do yeah, do yeah, do yeah?

Labels:

By : Tighten Justice Department goes nuclear on Google in search warrant fight | Ars Technica 0 comments

9.14.2017
Mac Developer: Ad industry complains Apple Safari update is 'unilateral and heavy-handed' against tracking

Ad industry complains Apple Safari update is 'unilateral and heavy-handed' against tracking: "Six ad industry organizations have crafted an open letter complaining about changes coming to Apple's Safari browser, claiming that a new feature — "Intelligent Tracking Prevention" — will hurt both them and the public."

Awesome!

Labels:

By : Tighten Ad industry complains Apple Safari update is 'unilateral and heavy-handed' against tracking 0 comments

9.10.2017
Mac Developer: Microsoft says it won't fix kernel flaw: It's not a security issue. Suuuure • The Register

Microsoft says it won't fix kernel flaw: It's not a security issue. Suuuure • The Register: "spotted this week by enSilo security researcher Omri Misgav, lies within the system call PsSetLoadImageNotifyRoutine, which has been part of Microsoft's operating system since Windows 2000 and is still active in the latest builds."

Things that go hmmmm in the night.

Labels:

By : Tighten Microsoft says it won't fix kernel flaw: It's not a security issue. Suuuure • The Register 0 comments

9.06.2017
Mac Developer: Exploit goes public for severe bug affecting high-impact sites | Ars Technica

Exploit goes public for severe bug affecting high-impact sites | Ars Technica: "The critical vulnerability is located in Apache Struts 2, an open-source framework that large numbers of enterprise-grade organizations use to develop customer-facing Web applications. The bug, which has been active since 2008, allows end users to execute malicious code or commands by plugging maliciously modified data into search boxes or similar features hosted on the site."

Not invented here syndrome may have some unexpected benefits.

Labels: , ,

By : Tighten Exploit goes public for severe bug affecting high-impact sites | Ars Technica 0 comments

8.21.2017
Mac Developer: Intel details 8th-generation Core i7, i5 processors suitable for MacBook, dual-core MacBook Pro refresh

Intel details 8th-generation Core i7, i5 processors suitable for MacBook, dual-core MacBook Pro refresh: "Previously teased in May, the four processors launched by Intel on Monday are all meant for use in notebooks and all-in-one desktop systems, due to being designed with a thermal design power (TDP) of 15 Watts, meaning the processors run at low temperatures. Intel claims the new Core i5 and Core i7 chips can lead to notebook and tablet designs with up to 10 hours of battery life, as well as the performance boost, which is said to provide double the processing power of processors released five years ago. "

Personally, I think Intel is doing a great job of not screwing up a good thing that you've got going.

Labels:

By : Tighten Intel details 8th-generation Core i7, i5 processors suitable for MacBook, dual-core MacBook Pro refresh 0 comments

8.20.2017
Mac Developer: Secret chips in replacement parts can completely hijack your phone’s security | Ars Technica

Secret chips in replacement parts can completely hijack your phone’s security | Ars Technica: "People with cracked touch screens or similar smartphone maladies have a new headache to consider: the possibility the replacement parts installed by repair shops contain secret hardware that completely hijacks the security of the device."

Yay for us.

Labels:

By : Tighten Secret chips in replacement parts can completely hijack your phone’s security | Ars Technica 0 comments

8.17.2017
Mac Developer: Encryption key for iPhone 5s Touch ID exposed, opens door to further research

Encryption key for iPhone 5s Touch ID exposed, opens door to further research: "The tool and hack is not for the inexperienced. The outputs of the tool are binaries of the kernel and related software regulating the communications between the Touch ID sensor and Secure Enclave —but not any information transmitted presently or in the past between the Touch ID sensor and the Secure Enclave."

If this was a movie, it could be called The Legacy of Bunnie Huang.

Labels: , ,

By : Tighten Encryption key for iPhone 5s Touch ID exposed, opens door to further research 0 comments

Mac Developer: Rowhammer RAM attack adapted to hit flash storage • The Register

Rowhammer RAM attack adapted to hit flash storage • The Register: "It's Rowhammer, Jim, but not as we know it: IBM boffins have taken the DRAM-bit-flipping-as-attack-vector trick found by Google and applied it to MLC NAND Flash."

Just when you thought it was safe to get back in the pool.

Labels: ,

By : Tighten Rowhammer RAM attack adapted to hit flash storage • The Register 0 comments

Mac Developer: Comp sci world shock: Bonn boffin proposes P≠NP proof, preps for prestige, plump prize • The Register

Comp sci world shock: Bonn boffin proposes P≠NP proof, preps for prestige, plump prize • The Register: "This isn't purely an abstract issue. Current cryptography assumes P≠NP; if that turns out to be wrong, online security could become much more of a challenge."

It's the beef in "Where's the beef?"

Labels:

By : Tighten Comp sci world shock: Bonn boffin proposes P≠NP proof, preps for prestige, plump prize • The Register 0 comments

8.14.2017
Mac Developer: TSMC in mass production of 10nm 'A11' chips for Apple's 'iPhone 8'

TSMC in mass production of 10nm 'A11' chips for Apple's 'iPhone 8': "TSMC is applying the same 10-nanometer FinFET manufacturing technique being used to make A10X chips for this year's 10.5- and 12.9-inch iPad Pros, DigiTimes said on Monday. The A10X is in fact believed to be the first chip produced with the technique, though TSMC does have other clients."

Just when you think that Moore's law is over, FinFET smacks you upside the head.

Labels:

By : Tighten TSMC in mass production of 10nm 'A11' chips for Apple's 'iPhone 8' 0 comments

Mac Developer: Google refuses comment on 'aggressive deployment' of Android spyware app in Play store

Google refuses comment on 'aggressive deployment' of Android spyware app in Play store: "Google has taken action to curb the spread of Android malware based on "SonicSpy" that besides just exfiltrating personal data from the phone, had the ability to silently record audio, take photos with the camera, make calls, and send text messages."

No comment.

Labels:

By : Tighten Google refuses comment on 'aggressive deployment' of Android spyware app in Play store 0 comments

8.13.2017
Mac Developer: Firmware update blunder bricks hundreds of home 'smart' locks • The Register

Firmware update blunder bricks hundreds of home 'smart' locks • The Register
"Damned if you do, damned if you don't." - Bart Simpson

Labels: ,

By : Tighten Firmware update blunder bricks hundreds of home 'smart' locks • The Register 0 comments

Mac Developer: Revealed: The naughty tricks used by web ads to bypass blockers • The Register

Revealed: The naughty tricks used by web ads to bypass blockers • The Register
The arms race for your eyeballs.

Labels:

By : Tighten Revealed: The naughty tricks used by web ads to bypass blockers • The Register 0 comments

8.09.2017
Mac Developer: Suspected sextortionist hiding behind Tor is outed by booby-trapped video | Ars Technica

Suspected sextortionist hiding behind Tor is outed by booby-trapped video | Ars Technica: "The FBI used a booby-trapped video to identify a California man who allegedly used the Tor network to anonymously extort sexually explicit material from minors online."

Score one for the good guys!

Labels: , ,

By : Tighten Suspected sextortionist hiding behind Tor is outed by booby-trapped video | Ars Technica 0 comments

8.06.2017
Mac Developer: BBC - Future - Why can't films and TV accurately portray hackers?

BBC - Future - Why can't films and TV accurately portray hackers?: "As time goes on, it’s becoming more difficult to get away with false portrayals of hacking and technology. Some of the most famous offenders are..."

Sneakers was awesome.

Labels: , ,

By : Tighten BBC - Future - Why can't films and TV accurately portray hackers? 0 comments

8.03.2017
Mac Developer: Why the Bitcoin network just split in half and why it matters | Ars Technica

Why the Bitcoin network just split in half and why it matters | Ars Technica
The curious case of.

Labels:

By : Tighten Why the Bitcoin network just split in half and why it matters | Ars Technica 0 comments

 

 
 
 

 Tighten    
 Generate    
 Secure    
 Inspect    
 Quarantino    
 Downloads    
 Support    
 Documentation    
 Tighten App.app    
 Tighten Pro.app    
 PKCS#7Viewer.app    
 About    
 Hire    
 Contact    
 Blogger    
 FaceBook    
 iTunes Direct Link    
 Hollywood CA    
 spctl --assess -vvv    
 spctl --master-enable    
 spctl --master-disable    
 Mac App Store Receipt Validation    
 Apple Code Signing Certificates    
 Gatekeeper Developer ID Apple    
 Xcode codesign tutorial    
 [Site Map]    
 


Copyright © 2005-2015
All Rights Reserved
Tighten Pro