Links...
 
Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

7.30.2014
Mac Developer: Russia requests Apple provide access to source code | 9to5Mac

Russia requests Apple provide access to source code | 9to5Mac: "Reuters reports that Russia has asked Apple to provide the government with access to the company’s source code to make sure its iOS devices and Macs aren’t used for spying.
This is weirdly hilarious and disturbing at the same time.

Labels:

By : Tighten Russia requests Apple provide access to source code | 9to5Mac 0 comments

 
7.29.2014
Mac Developer: BBC News - Android Fake ID bug exposes smartphones and tablets

BBC News - Android Fake ID bug exposes smartphones and tablets
BlueBox Labs said it was particularly concerning as phone and tablet owners did not need to grant the malware special permissions for it to act.


If this is true, then essentially Android devices do not have codesigning protection. Sounds like any app can use a self-signed certificate chain to spoof the identifier of a well-known manufacturer. I guess the good news is they are fixing the bug.

Labels: , , , ,

By : Tighten BBC News - Android Fake ID bug exposes smartphones and tablets 0 comments

 
7.15.2014
Mac Developer: Apple begins encrypting iCloud email sent between providers | 9to5Mac

Apple begins encrypting iCloud email sent between providers | 9to5Mac
The change is documented on Google’s transparency website that shows the percentage of emails encrypted in transit for both inbound and outbound email exchanges


I can't tell if the world is changing or if we all simply woke up and smelled the malware.

Labels:

By : Tighten Apple begins encrypting iCloud email sent between providers | 9to5Mac 0 comments

 
7.13.2014
Mac Developer: Crypto certificates impersonating Google and Yahoo pose threat to Windows users | Ars Technica

Crypto certificates impersonating Google and Yahoo pose threat to Windows users | Ars Technica: "A blog post published Tuesday by Google security engineer Adam Langley said the fraudulent transport layer security (TLS) certificates were issued by the National Informatics Centre (NIC) of India, an intermediate certificate authority that is trusted and overseen by India's Controller of Certifying Authorities (CCA)."
My personal opinion is that many of the so-called trusted technologies that are in use on the internet have never really been properly audited or stress-tested. It's only as the malware networks reap their rewards that anyone is paying any real attention to exploits. Software is complex and hard to debug and it gets much worse when you consider a heterogenous system such as the global internet. On the plus side, a truly heterogenous system based on standards says that someone is going to emerge as a clear leader in this area.

I personally think the monolithic bloatware OS is going to be superseded in the coming years by something very minimalistic. Maybe a hypervisor. Something so small it can be completely tested and debugged.

This mad race to add OS features isn't really serving anyone. Except the marketers. In other words, people who don't have any vested long-term interest in the integrity of a user's experience. Just as long as the gloss is still the most prevalent consideration.

Oh, wait. Icon gloss has been deprecated for flat minimalistic design. By design I mean fashion fad.

Labels: , ,

By : Tighten Crypto certificates impersonating Google and Yahoo pose threat to Windows users | Ars Technica 0 comments

 
7.11.2014
Mac Developer: Malwarebytes takes in $30M, its first round since launching in 2008 | VentureBeat | Deals | by Richard Byrne Reilly

Malwarebytes takes in $30M, its first round since launching in 2008 | VentureBeat | Deals | by Richard Byrne Reilly: "It is an astonishing tale that continues to amaze. Today, Malwarebytes’ anti-virus security software protects the computers and mobile devices of more than 206 million clients who are fiercely loyal, employs 140 — 90 of whom occupy R&D roles — and will soon begin acquiring smaller players in the space."
The number of malware attacks per minute is troubling.

Labels:

By : Tighten Malwarebytes takes in $30M, its first round since launching in 2008 | VentureBeat | Deals | by Richard Byrne Reilly 0 comments

 
7.05.2014
Mac Developer: Inside App Extensions: the Cloud Kit-savvy Photos future of Apple's iPhoto & Aperture

Inside App Extensions: the Cloud Kit-savvy Photos future of Apple's iPhoto & Aperture
At the same time, the fact that Extensions are always bundled in an app means that developers can deploy new Extensions as an app update (allowing Instagram to make its filters available in Photos, for example), and sell Extensions as an additional feature for their existing apps.


Even though everyone is articulating the idea that XPC is some new technology, it's really just a security-wise reworking of distributed objects. Which is great. Because DO is a terrific tool for Objective-C developers. The fact that it is coming to iOS is awesome. It signals the end of the era of monolithic iOS apps and the beginning of something entirely new.

Labels: , ,

By : Tighten Inside App Extensions: the Cloud Kit-savvy Photos future of Apple's iPhoto & Aperture 0 comments

 

 

 
 
 

 Tighten    
 Generate    
 Secure    
 Inspect    
 Quarantino    
 Downloads    
 Support    
 Documentation    
 Tighten App.app    
 Tighten Pro.app    
 PKCS#7Viewer.app    
 About    
 Hire    
 Contact    
 Blogger    
 FaceBook    
 iTunes Direct Link    
 Hollywood CA    
 spctl --assess -vvv    
 spctl --master-enable    
 spctl --master-disable    
 Mac App Store Receipt Validation    
 Apple Code Signing Certificates    
 Gatekeeper Developer ID Apple    
 Xcode codesign tutorial    
 [Site Map]    
 


Copyright © 2005-2015
All Rights Reserved
Tighten Pro