C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation
Tighten Pro - in the Mac App Store
Tighten Pro is now available in the Mac App Store.
Mac Developer: Pentagon to grant security clearance for Apple's iOS
Pentagon to grant security clearance for Apple's iOS, some Samsung devices
"Specifically, the DoD will reportedly grant clearance for both iOS 6, Apple's current mobile operating system, as well as iOS 5, the company's previous-generation software."
I'm sure this will be great for the iOS platform, but there is something fundamentally weird about the DOD embracing Apple technology. It's like the DOD is the opposite of the Apple ethic. Or maybe the original Apple ethic.
Maybe we could let BlackBerry and Android have this market.
Labels: encryption, security
Mac Developer: BadNews Shows a New Direction for Mobile Malware - Arik Hesseldahl - News - AllThingsD
BadNews Shows a New Direction for Mobile Malware : "And while we’re on the subject of hacking and malware, if you’re the user of Android phone "
I suppose it's good that Google can pull the plug, but it shows that malware writers can create companies and get signing certificates just like a bona fide developer. And they are more aggressive.
I often wonder if any of my apps have been re-signed and put up for sale in a localized market. Who would know?
Mac Developer: Computer Security Legend Mudge Leaves DARPA for Google Job - Arik Hesseldahl - News - AllThingsD
Computer Security Legend Mudge Leaves DARPA for Google Job - Arik Hesseldahl - News - AllThingsD: "Zatko didn’t specify what he’ll be doing at Google, and he didn’t immediately answer an email from me asking for a little more detail, though it's a pretty sure bet it will involve doing some kind of research on security. I’ll add more if I hear back from him."
Even Google is tightening security!
Labels: security, tighten
Mac Developer: Apple updates XProtect.plist to block Yontoo
Apple updates XProtect.plist to block Yontoo: "Shortly after news emerged of a new adware trojan targeting OS X web browsers, Apple has updated its malware and adware detections list to block Yontoo."
Trojans and malware. The reason we have sandboxed & code signed binaries in the Mac App Store is to ensure that your application is not a launch vector for same.
Labels: security, tighten, xprotect.plist
Mac Developer: Everything You Wanted To Know About Apple’s New Anti-Virus Spotter | Cult of Mac
Everything You Wanted To Know About Apple’s New Anti-Virus Spotter | Cult of Mac: "The British security firm Intego has published a security memo that provides a clear and detailed view of Apple’s new XProtect anti-virus system in Snow Leopard."
Here's an older post on XProtect.plist.
Mac Developer: Apple acknowledges evad3r jailbreakers found 4 of 6 exploits fixed with iOS 6.1.3
Apple acknowledges evad3r jailbreakers found 4 of 6 exploits fixed with iOS 6.1.3: "Evad3rs leveraged some of the exploits to create the evasi0n jailbreak, which allowed iPhone 5 and iPad mini owners to 'liberate' their devices. "
Sounds like the hackers are very helpful in this case. And maybe most cases.
Labels: hacking, hacking iphone
Mac Developer: Apple marketing chief uses rare Twitter post to take shot at Android security issues
Apple marketing chief uses rare Twitter post to take shot at Android security issues: "Schiller took to Twitter on Thursday for just the 172nd time since opening his account in 2008"
He tweets but lightly where others rant incoherently.
Mac Developer: Meet Some of the People at Apple Responsible for Fighting Hackers - Arik Hesseldahl - News - AllThingsD
Meet Some of the People at Apple Responsible for Fighting Hackers - Arik Hesseldahl - News - AllThingsD: "But that’s not to say that Apple hasn’t been preparing — quietly as always — for the kind of eventualities that tend to crop up when hackers and other digital miscreants are taken to probing your systems for vulnerabilities."
Everyone could stand to tighten their security a little bit more.
Mac Developer: iOS 6 jailbreak arrives; URL detection bug crashes most OS X apps
iOS 6 jailbreak arrives; URL detection bug crashes most OS X apps: "For the first time ever, iPhone 5 and iPad mini owners can jailbreak their device with the release of Evasi0n, the new jailbreak for Apple's iOS 6 mobile operating system. "
I always laugh when someone says "This one can't be hacked." Some people obsess over opcodes. They don't need a disassembler, they don't need a guide.
Labels: jailbreak, tighten pro
Mac Developer: SBPL - SandBox Policy Language
SBPL - SandBox Policy Language: "This is a description of the different primitives available in the SBPL - a language derived from TinyScheme used to describe what is allowed or denied to a process running on MacOSX 10.5 or higher operating system."
If you're trying to figure out what you might need to script up to get your app into the store with a custom sandbox profile, see this handy guide.
Labels: sandbox, sandbox kext, sandbox policy language, sandboxd
Mac Developer: Apple quietly blocks Java 7 in OS X [U] | MacNN
Apple quietly blocks Java 7 in OS X [U] | MacNN: "Apple has disabled the Java 7 browser plug-in on Macs through an updated OS X blacklist file, notes MacRumors."
It's all about the tightening of security.
Labels: java, security, tighten
Mac Developer: Yahoo Confirms It Has Fixed A Vulnerability In Mail
Yahoo Confirms It Has Fixed A Vulnerability In Mail - Arik Hesseldahl - News - AllThingsD: "We were recently informed of an online video that demonstrated a vulnerability. We confirm that the vulnerability has been fixed."
Hopefully AOL will fix their leaky boat next.
Mac Developer: Everything You Wanted to Know About the Sandbox (but were afraid to ask)
The Apple Sandbox by Dionysus Blazakis
The rest of the paper is organized as follows. Section 2 gives a brief overview of the entire system. Section 3 describes the public interface and the utility function provided by the OS. Next, Section 4 walks through the details of the userspace libraries used to turn policies into sandbox syscall arguments for installing a sandbox. After the userspace interface is fully explored, Section 5 begins by briefly describing the TrustedBSD interface and how the sandbox implements this interface. Next, each kernel extension is examined.
Labels: sandbox, sandbox kext, sandbox policy language, sandboxd
Mac Developer: Hacker: jailbreaking iOS 6 hard, 6.1 may prove impossible | iPodNN
Hacker: jailbreaking iOS 6 hard, 6.1 may prove impossible | iPodNN: "Jailbreaking an iOS device in order to install unofficial apps, add customization options or simply to unlock a locked device has gotten tougher, as evidenced by the hacking community's inability to produce an untethered jailbreak for iOS 6."
Looks like they are tightening security.
Mac Developer: 25-GPU cluster cracks every standard Windows password in <6 hours | Ars Technica
25-GPU cluster cracks every standard Windows password. A password-cracking expert has unveiled a computer cluster that can cycle through as many as 350 billion guesses per second.
We'll be in for some trouble if strong encryption turns out to be not that strong after all. Personally, I prefer to use the GPU to emulate retro photography techniques.
Mac Developer: Apple hires former Windows security hacker to strengthen OS X
Apple hires former Windows security hacker to strengthen OS X: "It was discovered on Thursday that famed hacker and former Microsoft employee Kristin Paget is now working for Apple as a core operating system security researcher."
Everyone is tightening.
Labels: hacking, hacking osx, security, tighten
Mac Developer: Tighten App 1.0.11 now on the Mac App Store
Tighten App, designed for developers creating $0.99 apps (apps costing less than $5), is now available on the Mac App Store.
Tighten App generates custom receipt validation code and provides basic security measures.
Labels: code, mac app store receipt validation
Mac Developer: Tighten Pro 1.0.11 Released Today
The new release of Tighten Pro 1.0.11 is now available on the Mac App Store. This release includes a total rewrite of the Mac App Store receipt validation code generator including extensive checking of the security trust/certificate chain and new code to parse and validate in-app purchase receipts.
The in-app purchase receipt validation code is 100% inline-able and as such can be used throughout your application code (i.e., salted).
Other new features include security code generation for DeveloperID/Gatekeeper applications and more.
Tighten Pro represents a comprehensive solution for application developers dealing with the complexities of deploying to the Mac App Store and protecting their work from piracy.
Labels: app store, mac app store receipt validation, sandbox, tighten pro, validation
Mac Developer: Apple Tweaks Design Of App Store Category Pages
Apple Tweaks Design Of App Store Category Pages
In its weekly App Store refresh, it appears Apple has today tweaked the design of App Store categories to include the same design of the App Store’s home page.
Of interest to most Mac App Store developers.
Labels: app store
Mac Developer: The Steve Jobs I Knew - Walt Mossberg - Mossblog - AllThingsD
The Steve Jobs I Knew - Walt Mossberg - Mossblog - AllThingsD: "That Steve Jobs was a genius, a giant influence on multiple industries and billions of lives, has been written many times since he retired as Apple’s CEO in August. He was a historical figure on the scale of a Thomas Edison or a Henry Ford, and set the mold for many other corporate leaders in many other industries."
This is a terrific article. Delayed by 15 minutes.
Mac Developer: ARM-Based Chips Make Better Windows PCs, Says Qualcomm CEO - Ina Fried - Mobile - AllThingsD
ARM-Based Chips Make Better Windows PCs, Says Qualcomm CEO - Ina Fried - Mobile - AllThingsD: "Qualcomm has sponsored a contest to encourage developers to write Windows RT apps as well as, in some cases, help to fund their development. Jacobs said that Microsoft isn’t really being given the benefit of the doubt here, despite its long track record of attracting developers."
Unfortunately, nothing as powerful as Cocoa is likely to debut on any platform any time soon.
Labels: cocoa, windows rt
Mac Developer: Lightning Connector Cloned
Third-party manufacturers in China are supposedly mass-producing Lightning cables with working authentication chips allegedly reverse engineered from Apple's official model, and are shopping their wares to overseas resellers...
No security technology is foolproof. Do your best to protect your work, keep innovating.
Labels: hacking osx, hardware hacking
Mac Developer: com.apple.security.temporary-exception.sbpl
The com.apple.security.temporary-exception.sbpl entitlement seems to have been given bona fide status: log in to iTunes Connect and you can at least add it to your list of requested entitlements for submitting. Good news, because I'm not sure how you can write code in a POSIX environment without POSIX shared memory and semaphores.
Labels: entitlements, sandbox policy language
Mac Developer: FileXaminer
FileXaminer: "FileXaminer is an award winning 'Get Info' application. FileXaminer allows you to modify file and folder attributes that the Finder cannot. FileXaminer is powerful and easy to use – making it the best 'Get Info' application for Mac OS X."
I'm trying to figure out why some code I'm working on will not work correctly in the sandbox and I believe it has to do with file permissions. I had a hankering for a GUI tool and had a bit of trouble finding something.
Labels: finder, finder getinfo, plugin
Mac Developer: Access Control Lists in OS X
Mac OS X 10.4 Tiger | Ars Technica: "Access control lists, or ACLs, are a finer-grained, more flexible way to control file permissions: who can do what to which files. In Tiger, ACLs are a supplement to the traditional Unix file permissions. Since I've never covered Unix file permissions in a Mac OS X article before, I'd like to do so now. "
Good article on ACL permissions I found googling.
Labels: access control lists, mac os x, security
Mac Developer: sandbox policy language temporary entitlement
If you're adopting sandboxing outside the App Store, the syntax for the sandbox policy language temporary exception entitlement is:
Labels: sandbox policy language, temporary entitlement
Mac Developer: How does Apple Sandbox?
Michael Tsai - Blog - Aperture 3.4, Sandboxing, and FlickrExport
The short answer is, a complex application like Aperture cannot be sandboxed using the typical rules.
Labels: sandbox, sandbox policy language