Links...
 
Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

6.24.2016
Mac Developer: From file-sharing to prison: A Megaupload programmer tells his story | Ars Technica

From file-sharing to prison: A Megaupload programmer tells his story | Ars TechnicaThe legal saga dragged on for three years. In 2012, Nõmm was first arrested by authorities in the Netherlands and placed under house arrest. Like Dotcom, Nõmm next spent a significant amount of time fighting extradition. But eventually in 2015, he voluntarily traveled to the US and was arrested in Virginia. Nõmm pleaded guilty to felony copyright infringement and was sentenced to a year and a day in a US federal prison.
A drop in the bucket compared to the grievous harm caused by banksters, none of whom saw a day of prison time.

Labels:

By : Tighten From file-sharing to prison: A Megaupload programmer tells his story | Ars Technica 0 comments

6.19.2016
Mac Developer: Catching up with the guy who stole Half-Life 2’s source code, 10 years later | Ars Technica

Catching up with the guy who stole Half-Life 2’s source code, 10 years later | Ars Technica: "the chief of police greeted him. He walked up to Gembe, looked him in the eye and said: "Have you any idea how lucky you are that we got to you before you got on that plane?" "

Deutschland über alles!

Labels: ,

By : Tighten Catching up with the guy who stole Half-Life 2’s source code, 10 years later | Ars Technica 0 comments

6.17.2016
Mac Developer: User testing is essential for app development, says Bill Atkinson

User testing is essential for app development, says Bill AtkinsonSAN FRANCISCO — If you want to make a truly killer app, here’s a crucial part of the creative process you shouldn’t overlook: Give your “finished” software to someone, ask them to do something with it, and then shut the hell up.
Sir Bill from the Knights of the Rounded Rectangle speaks!

Labels: , ,

By : Tighten User testing is essential for app development, says Bill Atkinson 0 comments

Mac Developer: Kill Flash now. Or patch these 36 vulnerabilities. Your choice • The Register

Kill Flash now. Or patch these 36 vulnerabilities. Your choice • The Register: "Adobe has released an update for Flash that addresses three dozen CVE-listed vulnerabilities.

The update includes a fix for the CVE-2016-4171 remote code execution vulnerability that is right now being exploited in the wild to install malware on victims' computers."

Flash is like the Windows XP of the internet. Didn't quite anticipate the rise in security concerns. Not that anyone did, but Flash is paying the heaviest price.

Labels:

By : Tighten Kill Flash now. Or patch these 36 vulnerabilities. Your choice • The Register 0 comments

6.16.2016
Mac Developer: Microsoft releases open source bug-bomb in the rambling house of C • The Register

Microsoft releases open source bug-bomb in the rambling house of C • The Register: "Key to it is better handling of pointers in C programs. Checked C “allows programmers to better describe how they intend to use pointers and the range of memory occupied by data that a pointer points to,” MS Research explains at its project page."

New features for an old friend. You don't know sizeof like I know sizeof.

Labels: ,

By : Tighten Microsoft releases open source bug-bomb in the rambling house of C • The Register 0 comments

Mac Developer: FBI expands code theft charges against Chinese national • The Register

FBI expands code theft charges against Chinese national • The Register: "The charge is that he stole source code from his employer, believed to have been IBM but not yet confirmed, intending to turn it over to the Chinese government.

Xu was employed by the company from 2010 to 2014, and was one of what the DoJ says was a “small subset” of staff with access to the source code of a clustered file system. The indictment notes that individuals had to sign NDAs to access the code."

Justice for IP theft IFF your name is IBM.

Labels:

By : Tighten FBI expands code theft charges against Chinese national • The Register 0 comments

Mac Developer: iOS 10 warns users when opening legacy apps not encoded in 64-bit

iOS 10 warns users when opening legacy apps not encoded in 64-bit: "More than a year after Apple mandated that all new apps must be 64-bit compatible, iOS 10 will begin warning users that non-compliant legacy apps may affect the stability of their iPhone or iPad."

for (NSInteger memoryBandwidth=0; memoryBandwidth<ohReally; ++memoryBandwidth) overkill=YES;

Labels:

By : Tighten iOS 10 warns users when opening legacy apps not encoded in 64-bit 0 comments

6.14.2016
Mac Developer: How a college student tricked 17k coders into running his sketchy script | Ars Technica

How a college student tricked 17k coders into running his sketchy script | Ars Technica: "The eye-opening (if ethically questionable) research was conducted by University of Hamburg student Nikolai Philipp Tschacher as part of his bachelor thesis. Using a variation of a decade-old attack known as typosquatting, he uploaded his code to three popular developer communities and gave them names that were similar to widely used packages already submitted by other users."

Hmmm.

Labels:

By : Tighten How a college student tricked 17k coders into running his sketchy script | Ars Technica 0 comments

6.08.2016
Mac Developer: Microsoft's BITS file transfer tool fooled into malware distribution • The Register

Microsoft's BITS file transfer tool fooled into malware distribution • The Register: "While working on a customer clean-up project, SecureWorks staff found that attackers had created self-contained BITS tasks that didn't appear in the registries of affected machines, and their footprints were limited to entries on the BITS database."

Security is hard, real hard.

Labels: ,

By : Tighten Microsoft's BITS file transfer tool fooled into malware distribution • The Register 0 comments

Mac Developer: Why does an Android keyboard need to see your camera and log files – and why does it phone home to China? • The Register

Why does an Android keyboard need to see your camera and log files – and why does it phone home to China? • The Register: "UK-based Pentest said a whitepaper study [PDF] of the popular Flash Keyboard found that the Android app is "abusing" OS permissions, inserting potentially malicious ads, and tracking user behavior, then sending data to servers in China."

Marketing 101 - computer users ain't that smart.

Labels:

By : Tighten Why does an Android keyboard need to see your camera and log files – and why does it phone home to China? • The Register 0 comments

6.06.2016
Mac Developer: TeamViewer users are being hacked in bulk, and we still don’t know how | Ars Technica

TeamViewer users are being hacked in bulk, and we still don’t know how | Ars Technica: "For more than a month, users of the remote login service TeamViewer have taken to Internet forums to report their computers have been ransacked by attackers who somehow gained access to their accounts."

Uh-oh.

Labels:

By : Tighten TeamViewer users are being hacked in bulk, and we still don’t know how | Ars Technica 0 comments

Mac Developer: Giveaway: Win an mCookie Kit from Microduino

Giveaway: Win an mCookie Kit from Microduino: "Microduino is partnering with AppleInsider to offer readers the chance to win an mCookie kit, which contains a magnetic stackable Arduino microcontroller for programmers and DIY-ers. As a bonus, not one, but two kits are up for grabs this week."

For all you hackers out there.

Labels:

By : Tighten Giveaway: Win an mCookie Kit from Microduino 0 comments

Mac Developer: The guy who named iMac says Apple's names are too confusing | Cult of Mac

The guy who named iMac says Apple's names are too confusing | Cult of Mac: "Former Apple marketing guru Ken Segall helped launched Apple’s string of i-devices, but now he says that the company has lost its way from simplicity lately and there’s no clearer sign than the confusing naming scheme of the iPhone.

Hmmmmm.

Labels:

By : Tighten The guy who named iMac says Apple's names are too confusing | Cult of Mac 0 comments

5.29.2016
Mac Developer: Don't panic, says Blue Coat, we're not using CA cert to snoop on you • The Register

Don't panic, says Blue Coat, we're not using CA cert to snoop on you • The Register: "These trusted certs can be used to disguise malicious servers as legit websites; netizens connecting to the systems would think they're using the real deal, but really they're talking to imposters and handing over sensitive information like passwords to strangers."

If it's happening here, it's happening all over the world.

Labels:

By : Tighten Don't panic, says Blue Coat, we're not using CA cert to snoop on you • The Register 0 comments

Mac Developer: Feinstein-Burr's bonkers backdoor crypto law is dead in the water • The Register

Feinstein-Burr's bonkers backdoor crypto law is dead in the water • The Register: "The daft bill was championed by Senators Richard Burr (R‑NC) and Dianne Feinstein (D‑CA) in February following an increasingly rancorous debate over encryption, and at one point it looked likely to make it into law. Just last month, Senator Ron Wyden said he was planning to filibuster it."

Sounds like California needs a Senator that understands California.

Labels:

By : Tighten Feinstein-Burr's bonkers backdoor crypto law is dead in the water • The Register 0 comments

5.28.2016
Mac Developer: Armed FBI agents raid home of researcher who found unsecured patient data | Ars Technica

Armed FBI agents raid home of researcher who found unsecured patient data | Ars Technica: "FBI agents, one armed with an assault weapon, reportedly raided the home of a security professional who discovered sensitive data for 22,000 dental patients was available on the Internet, according to a report published Friday."

You are living in an Orwellian police state where the only winners are the corporate overlords. If Eaglesoft's security leaks were to result in the loss of property by private citizens, they would be charged with nothing.

Labels: , ,

By : Tighten Armed FBI agents raid home of researcher who found unsecured patient data | Ars Technica 0 comments

Mac Developer: Dedupe, dedupe, dedupe dedupe dedupe... Who snuck in to attack Microsoft Edge? • The Register

Dedupe, dedupe, dedupe dedupe dedupe... Who snuck in to attack Microsoft Edge? • The Register: "To validate the attack technique, the Dutch team put together a proof-of-concept JavaScript-based attack against the new Microsoft Edge browser, configured with in-built security defences enabled.

Rowhammer involves rapidly writing and rewriting memory to force capacitor errors in DRAM that can then be exploited to gain control of the system. The hardware hack was brought to public attention by security researchers at Google Project Zero last year."

Comforting thoughts not so much.

Labels:

By : Tighten Dedupe, dedupe, dedupe dedupe dedupe... Who snuck in to attack Microsoft Edge? • The Register 0 comments

5.26.2016
Mac Developer: Quiet cryptologist Bill Duane's war with Beijing's best • The Register

Quiet cryptologist Bill Duane's war with Beijing's best • The Register: ""I have never worked so hard, under so much stress, and with so much at risk," Duane told the AusCERT security conference on the Gold Coast."

Considering his credentials, this is easily one of the most disconcerting security articles published in recent memory.

Labels: ,

By : Tighten Quiet cryptologist Bill Duane's war with Beijing's best • The Register 0 comments

Mac Developer: Google to bring official Android support to the Raspberry Pi 3 | Ars Technica

Google to bring official Android support to the Raspberry Pi 3 | Ars Technica: "The Raspberry Pi 3 is not hurting for operating system choices. The tiny ARM computer is supported by several Linux distributions and even has a version of Windows 10 IoT core available. Now, it looks like the Pi is about to get official support for one of the most popular operating systems out there: Android. In Google's Android Open Source Project (AOSP) repository, a new device tree recently popped up for the Raspberry Pi 3."

When I was a kid, the Apple ][ was my dream machine, but I could never afford one, so I bought a Commodore 64 and programmed the Apple at my High School. In the end, the C64 provided a superior education because of the ASICs that handled sound (especially), since audio synthesis has played a role in, well, most of my life. If I had the time, I'd get into the Raspberry Pi. You know, with C and Linux, not with Java or Windows. Sorry, guys.

Labels: ,

By : Tighten Google to bring official Android support to the Raspberry Pi 3 | Ars Technica 0 comments

Mac Developer: Government agencies keep sacrificing cash to zombie IT systems, GAO finds | Ars Technica

Government agencies keep sacrificing cash to zombie IT systems, GAO finds | Ars Technica: "Some of the most critical business systems run by US government agencies are older than many of the IT people who support them, written in mainframe assembler code or COBOL. That might not shock or surprise anyone who works in mainframe-centric industries like insurance and finance, where the time-tested reliability of some systems has granted them lives that reach back to the Johnson administration."

The other thing that is absolutely clear from this report is that the only company that understands the needs of its customers is IBM. Continues to manufacture and support the hardware necessary to keep these systems running. Which is what the CUSTOMER needs.

Labels:

By : Tighten Government agencies keep sacrificing cash to zombie IT systems, GAO finds | Ars Technica 0 comments

5.25.2016
Mac Developer: Pastejack attack turns your clipboard into a threat • The Register

Pastejack attack turns your clipboard into a threat • The Register: "Dylan Ayrey, who published the exploit at GitHub, explains: “If a user attempts to copy the text with keyboard shortcuts, i.e. ctrl+c or command+c, an 800ms timer gets set that will override the user's clipboard with malicious code”."

One day, JavaScript will go the way of Flash. But first, someone will pay a hefty price.

Labels:

By : Tighten Pastejack attack turns your clipboard into a threat • The Register 0 comments

5.24.2016
Mac Developer: Apple reportedly working on a rival to Amazon's Echo

Apple reportedly working on a rival to Amazon's Echo: "More interestingly, however, Apple is also apparently working on a smart Bluetooth speaker not unlike Amazon's Echo or Google Home."

I don't find this interesting at all. I guess when Steve Jobs died, so did "Focus is saying no to 1000 good ideas".

Labels:

By : Tighten Apple reportedly working on a rival to Amazon's Echo 0 comments

Mac Developer: Google’s closing argument: Android was built from scratch, the fair way | Ars Technica

Google’s closing argument: Android was built from scratch, the fair way | Ars Technica: "SAN FRANCISCO—Google attorney Robert Van Nest made his closing argument to a panel of jurors here today, asking them to clear Android of copyright infringement allegations as a matter of "fairness and fair use.""

They should eliminate all the APIs that look substantially similar to object-oriented system interfaces that preceded Java. That should sober them up a bit. Yawner until it's not.

Labels: ,

By : Tighten Google’s closing argument: Android was built from scratch, the fair way | Ars Technica 0 comments

Mac Developer: Apple brings back crypto whiz Jon Callas as encryption battles heat up

Apple brings back crypto whiz Jon Callas as encryption battles heat up: "Callas is known to support this view, but has proposed a compromise in which agencies can exploit zero-day vulnerabilities so long as they're later disclosed for fixing."

The cat came back, the very next day...

Labels: ,

By : Tighten Apple brings back crypto whiz Jon Callas as encryption battles heat up 0 comments

Mac Developer: Snowden: NBN leaker raids a 'misuse' of Australian Federal Police • The Register

Snowden: NBN leaker raids a 'misuse' of Australian Federal Police • The Register: "The privacy pundit backs his argument by citing the ubiquitous mantra of the pro-surveillance crowd "if you have nothing to hide, you have nothing to fear" attributing the quote to Nazi propaganda minister Joseph Goebbels."

Orwellian future arrives extra early in Australia.

Labels:

By : Tighten Snowden: NBN leaker raids a 'misuse' of Australian Federal Police • The Register 0 comments

5.23.2016
Mac Developer: Snowden calls for whistleblower shield after claims by new Pentagon source | US news | The Guardian

Snowden calls for whistleblower shield after claims by new Pentagon source | US news | The Guardian: "The account of John Crane, a former senior Pentagon investigator, appears to undermine Barack Obama, Hillary Clinton and other major establishment figures who argue that there were established routes for Snowden other than leaking to the media."

Hard to believe that just after WWII, the world used to look to the US for idealism and freedom.

Labels:

By : Tighten Snowden calls for whistleblower shield after claims by new Pentagon source | US news | The Guardian 0 comments

5.20.2016
Mac Developer: After a year of using NodeJS in production - elCurator

After a year of using NodeJS in production - elCurator: "All this to say that it feels like the Node ecosystem is constantly moving. Not in a good way. New tools that 'trump' old tools seem to come out daily. Theres always a new shiny thing to replace the other. You'll be surprised on how easily this happens to you and the community seems to encourage it. You use Grunt!? Everyone uses Gulp!? Wait no, use native NPM scripts!"

Here's an awesome article about the hype bullsh*t that is Node. Hopefully it will die during the unicorn culling.

Labels: ,

By : Tighten After a year of using NodeJS in production - elCurator 0 comments

 

 
 
 

 Tighten    
 Generate    
 Secure    
 Inspect    
 Quarantino    
 Downloads    
 Support    
 Documentation    
 Tighten App.app    
 Tighten Pro.app    
 PKCS#7Viewer.app    
 About    
 Hire    
 Contact    
 Blogger    
 FaceBook    
 iTunes Direct Link    
 Hollywood CA    
 spctl --assess -vvv    
 spctl --master-enable    
 spctl --master-disable    
 Mac App Store Receipt Validation    
 Apple Code Signing Certificates    
 Gatekeeper Developer ID Apple    
 Xcode codesign tutorial    
 [Site Map]    
 


Copyright © 2005-2015
All Rights Reserved
Tighten Pro