Links...
 
Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

9.30.2015
Mac Developer: Apple Leaves Two Obvious Security Weaknesses In Mac OS X El Capitan - Forbes

Apple Leaves Two Obvious Security Weaknesses In Mac OS X El Capitan - ForbesAAPL launched its latest iteration of Mac OS X today, El Capitan, but along with a host of fresh features there are two key weaknesses that researchers have warned leave users open to password theft and malware infection. Both reside in security tools designed to prevent attacks.
Two for the road.

Labels:

By : Tighten Apple Leaves Two Obvious Security Weaknesses In Mac OS X El Capitan - Forbes 0 comments

 
9.27.2015
Mac Developer: Hackers restore PlayStation TV compatibility that was blocked by Sony | Ars Technica

Hackers restore PlayStation TV compatibility that was blocked by Sony | Ars Technica Now, some enterprising hackers have apparently gone a long way toward fixing this problem by increasing the PlayStation TV's software compatibility with a simple hack. The method, as outlined on HackInformer, exploits an error in the PlayStation TV's e-mail app that lets users write files to the system memory by attaching them as fake images in a message.
The most worrisome phrase in this article is the use of the phrase "simple hack"

Labels:

By : Tighten Hackers restore PlayStation TV compatibility that was blocked by Sony | Ars Technica 0 comments

 
Mac Developer: GCHQ tried to track Web visits of “every visible user on Internet” | Ars Technica

GCHQ tried to track Web visits of “every visible user on Internet” | Ars Technica If you used the World Wide Web anytime after 2007, the United Kingdom's Government Communications Headquarters (GCHQ) has probably spied on you. That's the revelation contained in documents published today by The Intercept, which detail a GCHQ operation called "Karma Police"—a program that tracked Web browsing habits of people around the globe in what the agency itself billed as the "world's biggest" Internet data-mining operation, intended to eventually track "every visible user on the Internet."
Undoubtedly, monitoring these logs is easily the most boring job in the world.

Labels:

By : Tighten GCHQ tried to track Web visits of “every visible user on Internet” | Ars Technica 0 comments

 
9.24.2015
Mac Developer: UK cinema staff will wear night-vision goggles to fight Bond (piracy)

UK cinema staff will wear night-vision goggles to fight Bond (piracy) the ​Telegraph that says cinema staff in the UK will use military-grade night vision headsets to combat piracy during the UK's early run of the new Bond romp Spectre. Like something lifted straight out of a Bond film, staff will don these goggles in auditoriums across the country to catch those who are trying to record the movie for illegal distribution.
Cameras are getting smaller.

Labels:

By : Tighten UK cinema staff will wear night-vision goggles to fight Bond (piracy) 0 comments

 
9.22.2015
Mac Developer: ZERODIUM Announces $1 Million Dollars For Anyone Who Can Jailbreak iOS 9 | Redmond Pie

ZERODIUM Announces $1 Million Dollars For Anyone Who Can Jailbreak iOS 9 | Redmond Pie The firm’s out-of-the-blue iOS 9 bounty either insinuates that it believes Apple’s latest iteration of iOS is extremely secure, therefore making the money safe, or perhaps more likely, it has a client willing to pay big for a browser-based untethered jailbreak of iOS 9.
Although most hackers are not motivated by money.

Labels: ,

By : Tighten ZERODIUM Announces $1 Million Dollars For Anyone Who Can Jailbreak iOS 9 | Redmond Pie 0 comments

 
Mac Developer: A million developers used the Unity game engine in August | GamesBeat | Games | by Dean Takahashi

A million developers used the Unity game engine in August | GamesBeat | Games | by Dean Takahashi “Democratization is the founding idea of the company,” he said. “We put power in the hands of developers. The key idea we want to see is more people creating content than ever before. Game production is a fundamentally hard thing to do. Getting those games to work on multiple platforms is a very hard thing to do.”
Never hurts to have lofty, noble goals.

Labels:

By : Tighten A million developers used the Unity game engine in August | GamesBeat | Games | by Dean Takahashi 0 comments

 
9.21.2015
Mac Developer: Modified versions of Xcode used to sneak malware into App Store, Apple confirms [u]

Modified versions of Xcode used to sneak malware into App Store, Apple confirms [u]

About 40 infected apps made it onto the App Store, according to security researchers with Palo Alto Networks. Some of the apps were extremely high-profile, including WeChat and a popular ridesharing service, Didi Kuaidi.

Just put that old PowerBook to work as a downloader machine. Oh, except that older Safaris can no longer access Apple websites.

By : Tighten Modified versions of Xcode used to sneak malware into App Store, Apple confirms [u] 0 comments

 
9.18.2015
Mac Developer: In blunder threatening Windows users, D-Link publishes code-signing key | Ars Technica

In blunder threatening Windows users, D-Link publishes code-signing key | Ars Technica The key expired earlier this month, but Klijnsma said that any software that was signed before the expiration date will continue to be accepted as a legitimate D-Link release. He said the key is accepted by Microsoft Windows code-signing requirements and appears to be accepted by Apple's OS X as well.
The beginning of the end?

Labels:

By : Tighten In blunder threatening Windows users, D-Link publishes code-signing key | Ars Technica 0 comments

 
Mac Developer: AT&T sues former employees, alleging massive phone unlocking scheme | Ars Technica

AT&T sues former employees, alleging massive phone unlocking scheme | Ars Technica AT&T has filed a lawsuit against three former employees and a company that sells phone unlocking codes, claiming that they installed malware on AT&T's computer systems in order to illegally unlock hundreds of thousands of mobile phones.
Johnny Mnemonic is here at last.

Labels:

By : Tighten AT&T sues former employees, alleging massive phone unlocking scheme | Ars Technica 0 comments

 
9.17.2015
Mac Developer: iOS 9, OS X El Capitan close serious AirDrop vulnerability allowing malware infections

iOS 9, OS X El Capitan close serious AirDrop vulnerability allowing malware infections The technique bypasses Apple's security using a spoofed enterprise certificate, and can potentially be used against anyone within AirDrop range, Azimuth Security's Mark Dowd told Forbes. The attack forces the installation of a provisioning profile, and can alter iOS' Springboard to convince a device that the fake certificate is already trusted.
Kind of a showstopper as far as things like this go.

Labels: ,

By : Tighten iOS 9, OS X El Capitan close serious AirDrop vulnerability allowing malware infections 0 comments

 
9.13.2015
Mac Developer: You may be picking the wrong programmers | VentureBeat | Dev | by Ivan Bercovich, Graphiq

You may be picking the wrong programmers | VentureBeat | Dev | by Ivan Bercovich, Graphiq

The human tendency is to pursue the path with the fastest perceived growth, which encourages developers to constantly start new projects and learn new technologies.
That's how I sidestepped that whole garbage collection fiasco. Garbage in garbage out.

Labels:

By : Tighten You may be picking the wrong programmers | VentureBeat | Dev | by Ivan Bercovich, Graphiq 0 comments

 
9.11.2015
Mac Developer: Once seen as bulletproof, 11 million+ Ashley Madison passwords already cracked | Ars Technica

Once seen as bulletproof, 11 million+ Ashley Madison passwords already cracked | Ars Technica When the Ashley Madison hackers leaked close to 100 gigabytes' worth of sensitive documents belonging to the online dating service for people cheating on their romantic partners, there seemed to be one saving grace. User passwords were cryptographically protected using bcrypt, an algorithm so slow and computationally demanding it would literally take centuries to crack all 36 million of them.

Security researcher could only crack weak passwords—just 0.0668% of trove. Now, a crew of hobbyist crackers has uncovered programming errors that make more than 15 million of the Ashley Madison account passcodes orders of magnitude faster to crack.
Security is quite difficult to do right. I think it starts with the choice of FreeBSD.

Labels:

By : Tighten Once seen as bulletproof, 11 million+ Ashley Madison passwords already cracked | Ars Technica 0 comments

 
9.10.2015
Mac Developer: Google cracks down on ad injectors after receiving 300K complaints from Chrome users this year | VentureBeat | Marketing | by Ken Yeung

Google cracks down on ad injectors after receiving 300K complaints from Chrome users this year | VentureBeat | Marketing | by Ken Yeung Ad injection is when a program hijacks placement purchased by a legitimate advertiser. Instead of a branded advertisement, you’ll see something completely different, and potentially malicious in nature. An example given by Google is entering a website and getting prompted with this pop-up ad:
In the future, the browser tab will run in it's own VM.

Labels:

By : Tighten Google cracks down on ad injectors after receiving 300K complaints from Chrome users this year | VentureBeat | Marketing | by Ken Yeung 0 comments

 
9.08.2015
Mac Developer: How corporate fears of hacks just created Silicon Valley's newest $1 billion startup - CNET

How corporate fears of hacks just created Silicon Valley's newest $1 billion startup - CNET

Okta receives a $75 million investment, the latest sign companies are scrambling for cybersecurity software that can prevent them from becoming the next Ashley Madison, Sony or Target.
Hmmmm.

Labels:

By : Tighten How corporate fears of hacks just created Silicon Valley's newest $1 billion startup - CNET 0 comments

 
Mac Developer: US claim on the world’s servers at a crossroads | Ars Technica

US claim on the world’s servers at a crossroads | Ars Technica

Much of the tech sector, from Amazon and Microsoft to Verizon, oppose the US government's position in the closely watched case. These companies and a slew of others maintain that the enforcement of US law stops at the border.
Take a pint of Guiness while you're there, lad.

Labels:

By : Tighten US claim on the world’s servers at a crossroads | Ars Technica 0 comments

 
9.07.2015
Mac Developer: Malware menaces poison ads as Google, Yahoo! look away • The Register

Malware menaces poison ads as Google, Yahoo! look away • The Register

Online advertising has become an increasingly potent threat to end-user security on the internet. More hackers than ever are targeting the internet's money engine, using it as a powerful attack vector to hide exploits and compromise huge numbers of victims.
Flash, the gift that keeps on giving.

Labels: , ,

By : Tighten Malware menaces poison ads as Google, Yahoo! look away • The Register 0 comments

 
Mac Developer: Man who helped code highly destructive financial malware pleads guilty | Ars Technica

Man who helped code highly destructive financial malware pleads guilty | Ars Technica
The Latvian man accused of helping create the Gozi virus, which United States prosecutors dubbed "one of the most financially destructive computer viruses in history," has pleaded guilty.
https://www.youtube.com/watch?v=t-wUe5aEwHM

By : Tighten Man who helped code highly destructive financial malware pleads guilty | Ars Technica 0 comments

 
Mac Developer: Newly Discovered Android Ransomware Communicates Over XMPP, Poses As NSA | Redmond Pie

Newly Discovered Android Ransomware Communicates Over XMPP, Poses As NSA | Redmond Pie
A new strain of Android ransomware, which disguises itself as a legitimate application, has been discovered to be utilizing the Extensible Messaging and Presence Protocol (XMPP) for instant messaging, to receive commands and to communicate remotely with the server that controls the malicious installation.
Exciting new lifeforms in the petri dish of the future.

Labels: ,

By : Tighten Newly Discovered Android Ransomware Communicates Over XMPP, Poses As NSA | Redmond Pie 0 comments

 
9.06.2015
Mac Developer: Harvard Law Professor Crowdfunds $1 Million, Launches Presidential Bid : The Two-Way : NPR

Harvard Law Professor Crowdfunds $1 Million, Launches Presidential Bid : The Two-Way : NPR
Harvard Law Professor Lawrence Lessig met his self-imposed goal of crowd-funding $1 million by Labor Day, and Sunday on ABC announced he's running for the Democratic nomination for President.
I have been a fan of Mr. Lessig for some time. Got a chance to meet him at SXSW in 2002. The Austin years!

Labels:

By : Tighten Harvard Law Professor Crowdfunds $1 Million, Launches Presidential Bid : The Two-Way : NPR 0 comments

 
9.01.2015
Mac Developer: Malware swipes 225,000 Apple accounts through jailbroken iPhones

Malware swipes 225,000 Apple accounts through jailbroken iPhones: "Researchers have discovered a strain of iOS malware, nicknamed KeyRaider, that has stolen over 225,000 Apple IDs from jailbroken devices. The software takes advantage of Chinese app repositories that let people directly upload and share their own titles. If you happen to download the code, it'll either scoop up your Apple account data (to give rogue users 'free' apps) or hold your phone for ransom."
As they say, you get what you pay for.

Labels:

By : Tighten Malware swipes 225,000 Apple accounts through jailbroken iPhones 0 comments

 

 

 
 
 

 Tighten    
 Generate    
 Secure    
 Inspect    
 Quarantino    
 Downloads    
 Support    
 Documentation    
 Tighten App.app    
 Tighten Pro.app    
 PKCS#7Viewer.app    
 About    
 Hire    
 Contact    
 Blogger    
 FaceBook    
 iTunes Direct Link    
 Hollywood CA    
 spctl --assess -vvv    
 spctl --master-enable    
 spctl --master-disable    
 Mac App Store Receipt Validation    
 Apple Code Signing Certificates    
 Gatekeeper Developer ID Apple    
 Xcode codesign tutorial    
 [Site Map]    
 


Copyright © 2005-2015
All Rights Reserved
Tighten Pro