Links...
 
Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

6.28.2014
Mac Developer: genkiyooka/MacRuntimeSandboxDetection

genkiyooka/MacRuntimeSandboxDetection
For CFPlugIn and AudioUnit developers - how to check Mac App Store sandbox capabilities at runtime.


If you write system components (i.e. CoreAudio AudioUnit), CFPlugIn bundles or loadable Cocoa frameworks which are shared among applications (like haxies), you may wish to detect the capabilities of the sandbox environment into which you've been loaded so you can gracefully disable features and so forth.

Naive implementations of such loadable code often dump huge volumes of system messages into the Console.log - not useful to anyone.

Labels: , , , , , ,

By : Tighten genkiyooka/MacRuntimeSandboxDetection 0 comments

 
Mac Developer: Secure Coding Guide: Introduction to Secure Coding Guide

Secure Coding Guide: Introduction to Secure Coding Guide
The document begins with “Types of Security Vulnerabilities,” which gives a brief introduction to the nature of each of the types of security vulnerability commonly found in software. This chapter provides background information that you should understand before reading the other chapters in the document. If you’re not sure what a race condition is, for example, or why it poses a security risk, this chapter is the place to start.


A good overview that just popped up on my radar.

Labels: , ,

By : Tighten Secure Coding Guide: Introduction to Secure Coding Guide 0 comments

 
6.16.2014
Mac Developer: Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) - Countering Trojan Horse attacks on Compilers

Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) - Countering Trojan Horse attacks on Compilers
In the DDC technique, source code is compiled twice: once with a second (trusted) compiler (using the source code of the compiler’s parent), and then the compiler source code is compiled using the result of the first compilation. If the result is bit-for-bit identical with the untrusted executable, then the source code accurately represents the executable.


You are in a maze of twisty passages, all alike.

Labels:

By : Tighten Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) - Countering Trojan Horse attacks on Compilers 0 comments

 
Mac Developer: Who Is Paunch? — Krebs on Security

Who Is Paunch? — Krebs on Security
“As I have done before, I am asking all the users as well as IT Security professionals to disable all plug-ins and add-ons in their browsers,” Fedotov warned forum members. “Do not think that if you are not users of Internet money (web money), there is no danger of being infected. In this case, the infected PCs are turned into socks proxies, spam/ddos bots and all the bad activity is done under your name, so that law enforcement can place all the blame on your shoulders. Safe surfing and good luck to you.”


I think this means you.

Labels: ,

By : Tighten Who Is Paunch? — Krebs on Security 0 comments

 
Mac Developer: Open Threat Exchange (OTX) | AlienVault

Open Threat Exchange (OTX) | AlienVault
AlienVault Open Threat Exchange (OTX™) is an open threat information sharing and analysis network, created to put effective security measures within the reach of all organizations.


This is a terrific idea.

Labels:

By : Tighten Open Threat Exchange (OTX) | AlienVault 0 comments

 
6.12.2014
Mac Developer: Russian malware creators rule. Here's how they got so good | VentureBeat | Security | by Richard Byrne Reilly

Russian malware creators rule. Here's how they got so good | VentureBeat | Security | by Richard Byrne Reilly: "Eastern Europe, in particular Russia, is the malware capital of the world. That’s the assertion of Adam Kujawa, a former Navy cryptologist and head of malware intelligence for Malwarebytes, a growing San Jose security outfit that has 100 employees and was originally founded in the windswept Baltic country of Estonia."
Interesting read.

Labels: ,

By : Tighten Russian malware creators rule. Here's how they got so good | VentureBeat | Security | by Richard Byrne Reilly 0 comments

 
6.08.2014
Mac Developer: A programmer's view of Apple's new Swift language | VentureBeat | Dev | by Richard Byrne Reilly

A programmer's view of Apple's new Swift language | VentureBeat | Dev | by Richard Byrne Reilly
Objective-C is great and really powerful. It has served Apple well for a really long time. It’s older than the web though. It is pretty awkward to learn – especially for someone new to programming.

No real plans to change to Swift here, but Metal is definitely on the whiteboard. Of course, at same time, love them tuples and other innovative new language features (Yay! I watched the Advanced Swift WWDC talk). And I will much enjoy watching new programmers getting very confused over the difference between structs and classes.

I will use Swift for small tasks. Although I suppose if I'm going to learn a new language it might as well be C#. That mono runtime is really slutty.

Although I do think there are some merits to eliminating header files (Modula-2 "Interface"), I think it would be good to have an option. Really the last thing I want to do when studying a module's interface is read implementation details.

Labels: ,

By : Tighten A programmer's view of Apple's new Swift language | VentureBeat | Dev | by Richard Byrne Reilly 0 comments

 
6.06.2014
Mac Developer: Apple, Inc. opens up access to its WWDC developer utopia

Apple, Inc. opens up access to its WWDC developer utopia: "Another reason why the hands-on labs are seen by developers as being a priority at WWDC is that Apple now makes the videos of its technical sessions available almost immediately, through either the WWDC app or iTunes. "
Favorite aspect of the new WWDC. Although everyone, I'm sure, would love to attend, it's just not feasible.

Labels:

By : Tighten Apple, Inc. opens up access to its WWDC developer utopia 0 comments

 
6.05.2014
Mac Developer: Marc Andreessen & Bill Gates agree with Fox News on this: Snowden is a traitor | VentureBeat | Security | by Harrison Weber

Marc Andreessen & Bill Gates agree with Fox News on this: Snowden is a traitor | VentureBeat | Security | by Harrison Weber: "Silicon Valley investor and technologist Marc Andreessen today declared NSA whistleblower Ed Snowden a traitor on national television."

It's true that he spoke up. Who he betrayed is entirely dependent on your interpretation of the purpose of the Constitution of the United States of America.
"When they came for my friend I did not talk, when they came for my brother I did not talk, when they came for my neighbor I did not talk, soon they will come for me and there will be no one to speak for me".

I think he spoke for a lot of Americans.

Labels:

By : Tighten Marc Andreessen & Bill Gates agree with Fox News on this: Snowden is a traitor | VentureBeat | Security | by Harrison Weber 0 comments

 
6.04.2014
Mac Developer: Apple's top secret Swift language grew from work to sustain Objective C, which it now aims to replace

Apple's top secret Swift language grew from work to sustain Objective C, which it now aims to replace: "We simplified memory management with Automatic Reference Counting (ARC). "
I don't necessarily agree ARC simplifies anything. It's also at least 20 percent slower than non-ARC code. Noticeable on the ARM platform, not as much on the Desktop. Alas, the future.

Labels:

By : Tighten Apple's top secret Swift language grew from work to sustain Objective C, which it now aims to replace 0 comments

 
Mac Developer: A programmer's view of Apple's new Swift language | VentureBeat | Gadgets | by Richard Byrne Reilly

A programmer's view of Apple's new Swift language | VentureBeat | Gadgets | by Richard Byrne Reilly: "Swift pulls a lot from various lanagues. There’s a lot that reminds me of JavaScript, Go, Ruby, and others. Objective-C is pretty old. It’s a really welcome change to see lots of features inspired by modern languages."
Of course, I'm no expert, but Swift looks more like Scala to me than any other language I've been exposed to.

Labels: ,

By : Tighten A programmer's view of Apple's new Swift language | VentureBeat | Gadgets | by Richard Byrne Reilly 0 comments

 
6.02.2014
Mac Developer: Apple unveils Swift, a brand new Xcode programming language for developers

Apple unveils Swift, a brand new Xcode programming language for developers: "In a demonstration, Apple showed off the 'Swift Playground,' where developers write code and how results are displayed as soon as code is written. Apple says Swift was designed from the ground up for Cocoa and Cocoa Touch. Swift can be used for basic apps, like social networking, or advanced 3D games using the new 'Metal' graphics optimization. And because it operates alongside Objective-C, developers will be able to seamlessly interchange languages."
Looking forward to Swift and Metal. Together or individually.

Labels: , ,

By : Tighten Apple unveils Swift, a brand new Xcode programming language for developers 0 comments

 

 

 
 
 

 Tighten    
 Generate    
 Secure    
 Inspect    
 Quarantino    
 QTZ    
 Downloads    
 Support    
 Documentation    
 Tighten App.app    
 Tighten Pro.app    
 PKCS#7Viewer.app    
 Quarzenegger.app    
 About    
 Hire    
 Contact    
 Blogger    
 FaceBook    
 iTunes Direct Link    
 Hollywood CA    
 spctl --assess -vvv    
 spctl --master-enable    
 spctl --master-disable    
 Mac App Store Receipt Validation    
 Apple Code Signing Certificates    
 Gatekeeper Developer ID Apple    
 Xcode codesign tutorial    
 [Site Map]    
 


Copyright © 2005-2020
All Rights Reserved
Tighten Pro