Links...
 
Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

7.25.2013
Mac Developer: First malware in the wild found exploiting Bluebox's Android app signing flaw

First malware in the wild found exploiting Bluebox's Android app signing flaw: "Earlier this month, the popular Facebook app was caught harvesting users' entire phone books for upload into the social network's vast graph, without notice, and subsequently 'sharing' information with other users 'having some connection to them' on the site. "


They're getting into the American spirit popularized by the NSA! This is an important read because it highlights the reasons that an application bundle needs both external (system verified) and internal (application self-verified) code signatures.

At least, that's my opinion.

Labels: , ,

By : Tighten First malware in the wild found exploiting Bluebox's Android app signing flaw 0 comments

 
7.24.2013
Mac Developer: fseventer [fernLightning]

fseventer [fernLightning]: "Observes filesystem changes using the same underlying API as Spotlight Provides a graphical representation of the file activity Example use could be to determine what files are changed via software installation, preferences, etc"


Very handy tool that shows what processes are opening and writing to files. Very cool.

Labels: ,

By : Tighten fseventer [fernLightning] 0 comments

 
7.22.2013
Mac Developer: Security researcher behind Dev Center hack admits responsibility | Electronista

Security researcher behind Dev Center hack admits responsibility | Electronista: "Balic describes himself as a 'security researcher,' only interested in seeing 'how deep' he could go rather than causing any problems. "


Such an interesting question whether remote probing a public website is security research. Maybe at the NSA.

Labels: ,

By : Tighten Security researcher behind Dev Center hack admits responsibility | Electronista 0 comments

 
7.18.2013
Mac Developer: Your PC may already be compromised — by the NSA | VentureBeat

Your PC may already be compromised — by the NSA | VentureBeat: "Steve Blank is a retired serial entrepreneur and has been a founder or participant in eight Silicon Valley startups since 1978. This article originally appeared on his blog."


Steve Blank's secret history of Silicon Valley is a compelling, important read. For anyone with libertarian values.

Labels:

By : Tighten Your PC may already be compromised — by the NSA | VentureBeat 0 comments

 
7.13.2013
Mac Developer: Technical Q&A QA1788: Technical Q&A QA1788

Technical Q&A QA1788: Technical Q&A QA1788
Position Independent Executable (PIE) applications can be loaded at a random memory address when run. This has security benefits for your application. iOS 4.3 or later, and OS X 10.7 or later, fully support PIE executables.

SEE ALSO:
en.wikipedia.org/wiki/Address_space_layout_randomization

Labels: ,

By : Tighten Technical Q&A QA1788: Technical Q&A QA1788 0 comments

 
Mac Developer: osx - DYLD_INSERT_LIBRARIES doesn't work for app signed with entitlements on Mountain Lion

osx - DYLD_INSERT_LIBRARIES doesn't work for app signed with entitlements on Mountain Lion - Stack Overflow: "dyld strips all DYLD_ environment variables on applications it considers to be restricted, which includes setuid/setgid binaries and those signed with particular entitlements. You can see how this work by looking at the dyld source. In particular, processRestricted is responsible for determining whether the restrictions should be applied and pruneEnvironmentVariables does the special handling of the environment variables."


This looks like some good news. Of course, if the code sign is stripped from your binary it's not going to be a problem so this is more of a system-wide security feature. i.e. no loading dylibs into every GUI process...

Labels: ,

By : Tighten osx - DYLD_INSERT_LIBRARIES doesn't work for app signed with entitlements on Mountain Lion 0 comments

 
Mac Developer: mikeash.com: Friday Q&A 2009-01-30: Code Injection

mikeash.com: Friday Q&A 2009-01-30: Code Injection: "Basically, to override NSApplicationMain, you can do something like this:

#define DYLD_INTERPOSE(_replacment,_replacee) \ __attribute__((used)) static struct{ const void* replacment; const void* replacee; } _interpose_##_replacee \ __attribute__ ((section ('__DATA,__interpose'))) = { (const void*)(unsigned long)&_replacment, (const void*)(unsigned long)&_replacee };

DYLD_INTERPOSE(_SAApplicationMain, NSApplicationMain); "

mikeash.com seems to be a particularly rich source of low-level darwin techniques. In this case, a commenter has pointed out an easy (but unsupported/not for shipping applications) technique of chaining system functions. Check lists.apple.com for reasons why it's not supported.

Use the force, er, I mean source:

opensource.apple.com/source/dyld/dyld-132.13/include/mach-o/dyld-interposing.h

And take a look at the unit tests.

Labels: , , ,

By : Tighten mikeash.com: Friday Q&A 2009-01-30: Code Injection 0 comments

 
Mac Developer: osx - Mac OS X Lion no longer recognizes environment.plist? - Stack Overflow

Mac OS X Lion no longer recognizes environment.plist?: "Whether or not Apple officially supports this mechanism, the current tech note Technical Q&A QA1067 is still accurate. An important caveat, however, is absent: the Property List needs to be in binary format.


Since DYLD_INTERPOSE seems a likely bypass point for application security checks like Mac App Store receipt validation, you'll want to be aware of all the techniques that can be used to load an extra .dylib or .framework into your app's process.

Labels: ,

By : Tighten osx - Mac OS X Lion no longer recognizes environment.plist? - Stack Overflow 0 comments

 
7.10.2013
Mac Developer: Pirate Bay cofounder is building an NSA-proof messaging app via crowdfunding | VentureBeat

Pirate Bay cofounder is building an NSA-proof messaging app via crowdfunding | VentureBeat: "Hemlis will initially be available on iOS and Android The app won’t necessarily be open source because that doesn’t guarantee privacy, but the founders do intend to stay as open as possible with Hemlis’s code."


Or so they hope.

Labels:

By : Tighten Pirate Bay cofounder is building an NSA-proof messaging app via crowdfunding | VentureBeat 0 comments

 
7.04.2013
Mac Developer: Security flaw opens all modern Android devices to "zombie botnet" takeover [u]

Security flaw opens all modern Android devices to "zombie botnet" takeover [u]: "A newly discovered flaw in Google's Android security model enables rogue apps to gain full access to the Android system and all installed apps, read all data on the device, harvest passwords and create a botnet of 'always-on, always-connected and always-moving' spy devices tracking users' location while secretly recording."

Yikes! Looks like someone needs to tighten up security.

Labels:

By : Tighten Security flaw opens all modern Android devices to "zombie botnet" takeover [u] 0 comments

 

 

 
 
 

 Tighten    
 Generate    
 Secure    
 Inspect    
 Quarantino    
 Downloads    
 Support    
 Documentation    
 Tighten App.app    
 Tighten Pro.app    
 PKCS#7Viewer.app    
 About    
 Hire    
 Contact    
 Blogger    
 FaceBook    
 iTunes Direct Link    
 Hollywood CA    
 spctl --assess -vvv    
 spctl --master-enable    
 spctl --master-disable    
 Mac App Store Receipt Validation    
 Apple Code Signing Certificates    
 Gatekeeper Developer ID Apple    
 Xcode codesign tutorial    
 [Site Map]    
 


Copyright © 2005-2015
All Rights Reserved
Tighten Pro