Links...
 
Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

2.06.2016
Mac Developer: UC Berkeley profs lambast new “black box” network monitoring hardware | Ars Technica

UC Berkeley profs lambast new “black box” network monitoring hardware | Ars Technica The Fidelis hardware and software is designed to "detect attacks" and analyze "every single packet that traverses the network."
Trust us, it's secure, not at all like the Juniper routers that feature remote access to well, anyone...

Labels:

By : Tighten UC Berkeley profs lambast new “black box” network monitoring hardware | Ars Technica 0 comments

2.05.2016
Mac Developer: Big in Tehran: Inside Iran’s $140M console and PC market

Big in Tehran: Inside Iran’s $140M console and PC market The eighth generation of consoles, however, has proven uncrackable, so customers have no choice but to pay the substantially higher costs. PS4 ownership is remarkably high, reflecting the willingness of Iranian gamers to access the best regardless of cost.
State sponsored piracy. Our new friends in Iran!

Labels:

By : Tighten Big in Tehran: Inside Iran’s $140M console and PC market 0 comments

Mac Developer: Mysterious spike in WordPress hacks silently delivers ransomware to visitors | Ars Technica

Mysterious spike in WordPress hacks silently delivers ransomware to visitors | Ars Technica

It's not yet clear how the WordPress sites are getting infected in the first place. It's possible that administrators are failing to lock down the login credentials that allow the site content to be changed. It's also feasible that attackers are exploiting an unknown vulnerability in the CMS, one of the plugins it uses, or the operating system they run on.
JavaScript is the new Flash, the security gift that keeps on giving.

Labels:

By : Tighten Mysterious spike in WordPress hacks silently delivers ransomware to visitors | Ars Technica 0 comments

Mac Developer: Apple ordered to pay $625M in revived VirnetX patent trial

Apple ordered to pay $625M in revived VirnetX patent trial

After a week of testimony and deliberation, a jury in the patent owner-friendly East Texas Federal District Court handed down a unanimous decision against Apple's FaceTime, iMessage and VPN services, as well as the devices running them, finding each in infringement of VirnetX intellectual property covering secure communications protocols.
Gifts from the state of Texas have included this, president George W. Bush, Enron and the incident on the grassy knoll.

Labels:

By : Tighten Apple ordered to pay $625M in revived VirnetX patent trial 0 comments

2.01.2016
Mac Developer: NSA, GCHQ used open source software to spy on Israeli, Syrian drones | Ars Technica

NSA, GCHQ used open source software to spy on Israeli, Syrian drones | Ars Technica Iraqi insurgents, using gear that was possibly provided by Iran, were able to use SkyGrabber, a $26 "off-the-shelf" software package, to intercept video feeds from Predator drones live in 2008 and 2009 (though those feeds were not encrypted at the time).
I guess even the DOD needs a pre-existing 3rd party software module from time to time.

Labels:

By : Tighten NSA, GCHQ used open source software to spy on Israeli, Syrian drones | Ars Technica 0 comments

1.25.2016
Mac Developer: AT&T CEO won’t join Tim Cook in fight against encryption backdoors | Ars Technica

AT&T CEO won’t join Tim Cook in fight against encryption backdoors | Ars Technica “I don’t think it is Silicon Valley’s decision to make about whether encryption is the right thing to do,” Stephenson said in an interview with The Wall Street Journal. “I understand [Apple CEO] Tim Cook’s decision, but I don’t think it’s his decision to make.”
AT&T, a once-mighty all-American company.

Labels:

By : Tighten AT&T CEO won’t join Tim Cook in fight against encryption backdoors | Ars Technica 0 comments

1.20.2016
Mac Developer: Apple making sparse use of Swift in its own apps, engineer claims

Apple making sparse use of Swift in its own apps, engineer claims The Calculator app is the only part of iOS 9.2 that includes any Swift code, Ryan Olson noted in a blog post. It is at least said to be nearly "pure" Swift, with only two of 22 classes written in Apple's previous favorite language, Objective-C.
An immature language with no stable ABI? What's not to love? This language is for novices. One day, it will be for engineers.

Just to be clear, it's not the only new language with problems. I abandoned my experiments with Scala after I discovered the compiler couldn't parse a very simple and valid operator overloading construct. I'm sure there is someone out there who is excited to debug the compiler of a new language. My priorities lie elsewhere.

Labels: ,

By : Tighten Apple making sparse use of Swift in its own apps, engineer claims 0 comments

1.16.2016
Mac Developer: How malware developers could bypass Mac’s Gatekeeper without really trying | Ars Technica

How malware developers could bypass Mac’s Gatekeeper without really trying | Ars Technica

The exploit works with Apple-trusted executable apps that are bundled with, and are programmed to execute, one or more additional apps. The hack works by renaming the Apple-trusted file but otherwise making no other changes to it. Wardle then packages it inside an Apple disk image that contains any executables he wants. Gatekeeper inspects only the first executable file and allows the remaining bundled apps to be executed with no questions asked.
Hmmmmm..

Labels:

By : Tighten How malware developers could bypass Mac’s Gatekeeper without really trying | Ars Technica 0 comments

1.10.2016
Mac Developer: White House official responds to 'El Chapo' interview - CNNPolitics.com

White House official responds to 'El Chapo' interview - CNNPolitics.com White House Chief of Staff Denis McDonough as well as several presidential candidates denounced comments made by drug kingpin Joaquin "El Chapo" Guzman in an exclusive interview with Sean Penn for Rolling Stone.
The trillion-dollar National Security surveillance infrastructure wasn't able to locate El Chapo, but Sean Penn was. Hmmmm.

Labels:

By : Tighten White House official responds to 'El Chapo' interview - CNNPolitics.com 0 comments

Mac Developer: Juniper drops NSA-developed code following new backdoor revelations | Ars Technica

Juniper drops NSA-developed code following new backdoor revelations | Ars Technica Juniper Networks, which last month made the startling announcement its NetScreen line of firewalls contained unauthorized code that can surreptitiously decrypt traffic sent through virtual private networks, said it will remove a National Security Agency-developed function widely suspected of also containing a backdoor for eavesdropping.
What part of the phrase "eminent domain" don't you understand? It's like the Trainman in the The Matrix...

By : Tighten Juniper drops NSA-developed code following new backdoor revelations | Ars Technica 0 comments

1.06.2016
Mac Developer: Android N switches to OpenJDK, Google tells Oracle it is protected by the GPL | Ars Technica

Android N switches to OpenJDK, Google tells Oracle it is protected by the GPL | Ars Technica Google told VentureBeat that it in "Android N," the next major version of Android, it is swapping Android's Java libraries from its own Apache Harmony-based implementation to one based on Oracle's OpenJDK—yes that Oracle, the same company suing Google.
Not sure what Oracle is upset about since Android is a major boon to the Java ecosystem. Under the Kleenex marketing principle they're crazy to upset the balance. What would be bad for Oracle is for Android to move to some other technology base. Like C# and the managed runtime, for example.

This is a sad legacy for SUN because Scott McNealy stood on his soapbox for years criticizing closed systems in favor of the open system model that SUN was all about.

Labels:

By : Tighten Android N switches to OpenJDK, Google tells Oracle it is protected by the GPL | Ars Technica 0 comments

1.02.2016
Mac Developer: Software with the most vulnerabilities in 2015: Mac OS X, iOS, and Flash | VentureBeat | Security | by Emil Protalinski

Software with the most vulnerabilities in 2015: Mac OS X, iOS, and Flash | VentureBeat | Security | by Emil Protalinski Which software had the most publicly disclosed vulnerabilities this year? The winner is none other than Apple’s Mac OS X, with 384 vulnerabilities. The runner-up? Apple’s iOS, with 375 vulnerabilities.
I guess it's not always good to be in the lead of Microsoft.

Labels:

By : Tighten Software with the most vulnerabilities in 2015: Mac OS X, iOS, and Flash | VentureBeat | Security | by Emil Protalinski 0 comments

12.29.2015
Mac Developer: North Korea's OS X clone is a dictator's 'wet dream'

North Korea's OS X clone is a dictator's 'wet dream' RedStar is based on Fedora 11, the Linux version released in 2009. Despite this, it borrows Apple’s user interface for OS X right down to the dock, menu bars, settings, and even the spinning beachball of doom.
It's like the dark side vs. the force. No metaphor required.

Labels: ,

By : Tighten North Korea's OS X clone is a dictator's 'wet dream' 0 comments

12.27.2015
Mac Developer: Edward Snowden: The Untold Story | WIRED

Edward Snowden: The Untold Story | WIRED I confess to feeling some kinship with Snowden. Like him, I was assigned to a National Security Agency unit in Hawaii—in my case, as part of three years of active duty in the Navy during the Vietnam War. Then, as a reservist in law school, I blew the whistle on the NSA when I stumbled across a program that involved illegally eavesdropping on US citizens.
Hmmm, not sure if it's still untold. I think it's told. Is it now told?

Labels:

By : Tighten Edward Snowden: The Untold Story | WIRED 0 comments

Mac Developer: Exploit Logs You Into Linux Systems After Hitting Backspace 28 Times | News & Opinion | PCMag.com

Exploit Logs You Into Linux Systems After Hitting Backspace 28 Times | News & Opinion | PCMag.com Though most of you likely don't run Linux—specifically, one using the Grub2 bootloader—you'll surely appreciate the unintended humor of a brand-new exploit that was recently found for said bootloader. The exploit is being quickly patched by various major Linux distros, including Ubuntu, Red Hat, and Debian, and it also requires physical access to an unpatched machine to work, so it's not the worst potential vulnerability, just one of the sillier ones.
Hmmmm.

Labels:

By : Tighten Exploit Logs You Into Linux Systems After Hitting Backspace 28 Times | News & Opinion | PCMag.com 0 comments

12.25.2015
Mac Developer: Another pirated app service uses Apple enterprise license to distribute stolen software

Another pirated app service uses Apple enterprise license to distribute stolen software Thought to be run by Chinese owners located in Shanghai, the vShare App Market has officially been in operation since 2011 and is recognized in some jailbreaking circles as a go-to source for free apps. The service recently gained notoriety for compatibility with non-jailbroken iPhones and iPads running iOS 8 and above.

Like other recent pirated app services, vShare is built on Apple's enterprise licensing technology. Designed for corporations or other entities with large iOS device deployments, Apple Developer Enterprise certificates allow license holders to provision their own apps for internal distribution and download.
There's that inconvenient software monoculture getting all up in yo face again.

Labels:

By : Tighten Another pirated app service uses Apple enterprise license to distribute stolen software 0 comments

12.22.2015
Mac Developer: Cock.li e-mail server seized by German authorities, admin announces | Ars Technica

Cock.li e-mail server seized by German authorities, admin announces | Ars Technica "That means that SSL keys and private keys and full mail content of all 64,500 of my users, as well as hashed passwords, registration time, and the last seven days of logs were all confiscated and now are in the hands of German authorities," Vincent Canfield said.
Do you know where your keys are?

Labels:

By : Tighten Cock.li e-mail server seized by German authorities, admin announces | Ars Technica 0 comments

12.21.2015
Mac Developer: How banks are trying squelch Bitcoin's momentum | VentureBeat | Business | by Rupert Hackett, BuyaBitcoin.com.au

How banks are trying squelch Bitcoin's momentum | VentureBeat | Business | by Rupert Hackett, BuyaBitcoin.com.au Bitcoin’s implementation effectively creates decentralized trust, which is the main asset banks sell, and it challenges the money minting monopoly of national governments.
Pandora's box is open. She ain't going back in.

Labels: ,

By : Tighten How banks are trying squelch Bitcoin's momentum | VentureBeat | Business | by Rupert Hackett, BuyaBitcoin.com.au 0 comments

12.20.2015
Mac Developer: Here are the devices law enforcement use to spy on you

Here are the devices law enforcement use to spy on you The Intercept obtained the catalog of devices used by federal and local law enforcement to collect and monitor cell phone data. The tracking hardware -- including the infamous Stingray -- in the catalog is accompanied by its capabilities including, limitations, "planning factors," price and manufacturer.
"I'm not paranoid, people are really out to get me."

Labels:

By : Tighten Here are the devices law enforcement use to spy on you 0 comments

Mac Developer: BlackBerry CEO bashes Apple's data privacy policies

BlackBerry CEO bashes Apple's data privacy policies In a post to Blackberry's official blog on Thursday, CEO John Chen slammed tech companies like Apple that "put their reputations over the greater good" by providing — and advertising — strong encryption and data privacy policies to all users, even criminals.
Because nothing says secure system like a backdoor left behind for the NSA. And nothing says national security like the global surveillance of Snapchat messages.

Labels:

By : Tighten BlackBerry CEO bashes Apple's data privacy policies 0 comments

12.18.2015
Mac Developer: 60 Minutes will go inside Jony Ive's 'secret design studio' this Sunday

60 Minutes will go inside Jony Ive's 'secret design studio' this Sunday 60 Minutes viewers will get an early Christmas present this Sunday, as presenter Charlie Rose gets a rare peak inside Jony Ive’s design studio, while also receiving a tour of “Apple’s store of the future” from retail guru Angela Ahrendts.
I think this is a terrible mistake because there is a reason the Lockheed skunkworks was such a prolific producer of amazing albeit deadly technology.

Labels:

By : Tighten 60 Minutes will go inside Jony Ive's 'secret design studio' this Sunday 0 comments

12.17.2015
Mac Developer: DanTheMan827/ios-app-signer

DanTheMan827/ios-app-signer This is an app for OS X that can (re)sign apps and bundle them into ipa files that are ready to be installed on an iOS device.
Hmmm! Sideloading über alles!

Labels:

By : Tighten DanTheMan827/ios-app-signer 0 comments

12.10.2015
Mac Developer: SHA1 sunset will block millions from encrypted net, Facebook warns | Ars Technica

SHA1 sunset will block millions from encrypted net, Facebook warns | Ars Technica Tens of millions of Internet users will be cut off from encrypted webpages in the coming months unless sites are permitted to continue using SHA1, a cryptographic hashing function that's being retired because it's increasingly vulnerable to real-world forgery attacks, Facebook and Web security company CloudFlare have warned.
That's OK because we want you to spend your annual income on buy a new computer anyway. After all, selling you something is what keeps Wall Street happy.

Labels:

By : Tighten SHA1 sunset will block millions from encrypted net, Facebook warns | Ars Technica 0 comments

12.09.2015
Mac Developer: Wired and Gizmodo both claim to have possibly found the creator of Bitcoin | Ars Technica

Wired and Gizmodo both claim to have possibly found the creator of Bitcoin | Ars Technica Both Wired and Gizmodo have claimed to have discovered the identity of "Satoshi Nakamoto," the anonymous creator of Bitcoin.
If nothing else, Bitcoin is entertaining.

Labels: ,

By : Tighten Wired and Gizmodo both claim to have possibly found the creator of Bitcoin | Ars Technica 0 comments

12.07.2015
Mac Developer: Kazakhstan will require internet surveillance back doors

Kazakhstan will require internet surveillance back doors Want to know why it's a bad idea for the government to ask for back door access to your data? Here's why. As of January 1st, Kazakhstan will require the presence of a "national security certificate" on every internet-capable device in the country.
Isn't it great you don't have a way to delete the system-installed trusted root certificates on the iPhone? Between the proliferation of drones and these great unix devices, can we now just be clear that the conditions for the Skynet robot overlords are now in place?

Labels: ,

By : Tighten Kazakhstan will require internet surveillance back doors 0 comments

Mac Developer: Apple Founder Steve Wozniak Announces Tokyo Comic Book Convention | Re/code

Apple Founder Steve Wozniak Announces Tokyo Comic Book Convention | Re/code Apple co-founder Steve Wozniak plans to return the favor by bringing an American-style pop culture fan extravaganza, the comic book convention, to Tokyo in 2016. And really, who better to serve as America’s ambassador for all things geeky?
Woz rolls into Japan.

Labels: ,

By : Tighten Apple Founder Steve Wozniak Announces Tokyo Comic Book Convention | Re/code 0 comments

12.03.2015
Mac Developer: The FBI's Secret Letters To Internet Service Providers... Revealed

The FBI's Secret Letters To Internet Service Providers... Revealed In a ruling lifting the gag order, U.S. Judge Victor Marrero called aspects of the NSL "absurd."
I think absurd is the status quo. Any arguments?

Labels:

By : Tighten The FBI's Secret Letters To Internet Service Providers... Revealed 0 comments

 

 
 
 

 Tighten    
 Generate    
 Secure    
 Inspect    
 Quarantino    
 Downloads    
 Support    
 Documentation    
 Tighten App.app    
 Tighten Pro.app    
 PKCS#7Viewer.app    
 About    
 Hire    
 Contact    
 Blogger    
 FaceBook    
 iTunes Direct Link    
 Hollywood CA    
 spctl --assess -vvv    
 spctl --master-enable    
 spctl --master-disable    
 Mac App Store Receipt Validation    
 Apple Code Signing Certificates    
 Gatekeeper Developer ID Apple    
 Xcode codesign tutorial    
 [Site Map]    
 


Copyright © 2005-2015
All Rights Reserved
Tighten Pro