Links...
 
Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

5.31.2014
Mac Developer: WWDC 2014 Roundup: Enhanced iOS 8, redesigned OS X 10.10, new hardware (plus fresh details) | 9to5Mac

WWDC 2014 Roundup: Enhanced iOS 8, redesigned OS X 10.10, new hardware (plus fresh details) | 9to5Mac: "It is also uncertain which or if any of the above devices will be introduced at WWDC. Perhaps these are in store for later this year or next year."
I think it's a good sign that all of this is just speculation. Nobody let the cat out of the pajamas. Wait. As for user interface fashion, I'm still working on my HUD controls. HUD is dead, long live the HUD. Aqua is dead, long live the aqua.

Labels:

By : Tighten WWDC 2014 Roundup: Enhanced iOS 8, redesigned OS X 10.10, new hardware (plus fresh details) | 9to5Mac 0 comments

 
5.22.2014
Mac Developer: Hackers claim to have exploit for iCloud, use vulnerability to disable Activation Lock

Hackers claim to have exploit for iCloud, use vulnerability to disable Activation Lock
Apple recently patched a similar vulnerability in OS X and iOS, but iTunes on Windows remains susceptible. Loman believes that the issue is "either a beginner's mistake, or it was done on purpose" and alleges that it may have been designed to allow intelligence agencies access to iCloud. "


Hard to say where internet security is headed. So much code being written.

Labels: ,

By : Tighten Hackers claim to have exploit for iCloud, use vulnerability to disable Activation Lock 0 comments

 
5.17.2014
Mac Developer: Sprint was the only telco to stand up to the NSA | VentureBeat | Security | by Barry Levine

Sprint was the only telco to stand up to the NSA | VentureBeat | Security | by Barry Levine: "He added that there is now some legislative movement in Congress to modify the basic problem, which Geiger described as ‘insufficient oversight at every level.’"
That's actually quite a funny statement. Insufficient oversight at every level. Usually you would associate that problem with some backwards country. Hard to say who is leading the free world these days and where we're being led.

Labels:

By : Tighten Sprint was the only telco to stand up to the NSA | VentureBeat | Security | by Barry Levine 0 comments

 
5.06.2014
Mac Developer: Of Flash Player versions and codesigning and signatures | Jaharmi’s Irreality

Of Flash Player versions and codesigning and signatures | Jaharmi’s Irreality
However, it’s also difficult to understand why a large corporation with the resources of Adobe cannot codesign a piece of software as critical to the Mac OS X browsing experience as the Adobe Flash plugin is — especially when its “Install Manager” application is signed."


One of the many problems with Flash vulnerabilities. You can't even check to see if the Flash plug-in is authentic.

Yesterday I opened a Safari session on Mavericks and was pummelled with dialog boxes (reminisent of Windows popups) asking me to upgrade Flash.

I was redirected to the Adobe website and didn't think to check the codesign on the Flash installer before installing. What a nightmare!

Labels: ,

By : Tighten Of Flash Player versions and codesigning and signatures | Jaharmi’s Irreality 0 comments

 
Mac Developer: Adobe Flash Security Update Tackles Zero-Day Flaw | The Mac Security Blog

Adobe Flash Security Update Tackles Zero-Day Flaw | The Mac Security Blog
Adobe Systems has released a brand new Adobe Flash security update to patch a zero-day flaw in its Flash Player software, updating to version 13.0.0.206 for Mac and Windows. "


A little news to Tighten your day!

Labels:

By : Tighten Adobe Flash Security Update Tackles Zero-Day Flaw | The Mac Security Blog 0 comments

 
5.04.2014
Mac Developer: Here comes a new, Web-wide security threat -- this time for OAuth & OpenID

Here comes a new, Web-wide security threat -- this time for OAuth & OpenID | VentureBeat | Security | by Barry Levine - When the flaw he calls Covert Redirect is exploited, you might click on a phishing link. It shows a popup window from a trusted site, and asks you to authorize a new app using, say, your Facebook login. But it then grabs your personal info – such as email address, birth date, or contacts — and sends it to the attacker.


Personally, I am amazed by what the data that JavaScript is able to grab from within a browser session. Keep that sandbox tightened!

Labels: , ,

By : Tighten Here comes a new, Web-wide security threat -- this time for OAuth & OpenID 0 comments

 
5.03.2014
Mac Developer: Apple to routinely inform users of government data requests

Apple to routinely inform users of government data requests
Apple, Microsoft, Facebook and Google are planning to inform users of government data seizures on a more routine basis unless a gag order is handed down from the appropriate authorities, reports The Washington Post."


I'm not paranoid. People are really out to get me!

Labels:

By : Tighten Apple to routinely inform users of government data requests 0 comments

 

 

 
 
 

 Tighten    
 Generate    
 Secure    
 Inspect    
 Quarantino    
 Downloads    
 Support    
 Documentation    
 Tighten App.app    
 Tighten Pro.app    
 PKCS#7Viewer.app    
 About    
 Hire    
 Contact    
 Blogger    
 FaceBook    
 iTunes Direct Link    
 Hollywood CA    
 spctl --assess -vvv    
 spctl --master-enable    
 spctl --master-disable    
 Mac App Store Receipt Validation    
 Apple Code Signing Certificates    
 Gatekeeper Developer ID Apple    
 Xcode codesign tutorial    
 [Site Map]    
 


Copyright © 2005-2015
All Rights Reserved
Tighten Pro