Links...
 
Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

9.30.2016
Mac Developer: Verizon techie sold people's call logs at $75 a head to private dick • The Register

Verizon techie sold people's call logs at $75 a head to private dick • The Register: "A former Verizon Wireless employee is facing time behind bars after he pled guilty to selling customer records.

Daniel E Traeger copped to one charge of unauthorized access to a protected computer, admitting that from September of 2011 to January of 2014 he accessed and sold customer mobile records, including phone location and call logs, to a private investigator."

Is this the least of your privacy concerns?

Labels:

By : Tighten Verizon techie sold people's call logs at $75 a head to private dick • The Register 0 comments

 
9.29.2016
Mac Developer: Inside iOS 10: Apple doubles down on security with cutting edge differential privacy

Inside iOS 10: Apple doubles down on security with cutting edge differential privacy: "Apple has doubled down on privacy protection by researching cutting-edge privacy techniques for iOS 10, allowing advanced new features while protecting user data."

Double-stuffed oreos.

Labels:

By : Tighten Inside iOS 10: Apple doubles down on security with cutting edge differential privacy 0 comments

 
9.28.2016
Mac Developer: Apple summons security experts for bug bounty program brief - report

Apple summons security experts for bug bounty program brief - report: "Apple has allegedly invited a bevy of third party security experts and device hackers to its headquarters to break down the details of the previously announced bug bounty program for macOS and iOS."

Open the kimono.

Labels:

By : Tighten Apple summons security experts for bug bounty program brief - report 0 comments

 
9.27.2016
Mac Developer: Suspected Russian DNC hackers brew Mac trojan • The Register

Suspected Russian DNC hackers brew Mac trojan • The Register: "Suspected Russian hackers fingered for hacking the United States Democratic National Committee (DNC) have brewed a trojan targeting Mac OS X machines in the aerospace sector, says Palo Alto researcher Ryan Olson."

All five Macs in use in aerospace may be infected, but the 100 million Windows machines are not.

Labels:

By : Tighten Suspected Russian DNC hackers brew Mac trojan • The Register 0 comments

 
9.24.2016
Mac Developer: Safe browsing checks fail as 16,000 WordPress sites hacked this year • The Register

Safe browsing checks fail as 16,000 WordPress sites hacked this year • The RegisterAt least 15,769 WordPress websites - and probably more - have been compromised this year, half slipping past Google's Safe Browsing checks, says security researcher Daniel Cid.

The world's most popular content management system represented the lion's share of some 21,821 sites studied in the second 2016 Sucuri report on compromised web properties that found 3099 Joomla! sites were hacked in the same period.
Personally a fan of Blogger run by Google's noc engineers rather than limited by my ability to patch PHP, upgrade WP plug-ins and so forth.

Labels:

By : Tighten Safe browsing checks fail as 16,000 WordPress sites hacked this year • The Register 0 comments

 
9.23.2016
Mac Developer: Why the silencing of KrebsOnSecurity opens a troubling chapter for the ‘Net | Ars Technica

Why the silencing of KrebsOnSecurity opens a troubling chapter for the ‘Net | Ars Technica: "On Thursday morning, exactly two weeks after Krebs published his first post, he reported that a sustained attack was bombarding his site with as much as 620 gigabits per second of junk data. "

Apple and Google have much to lose if security weakness are unreported and they also have the server farms to defend this guy.

Labels:

By : Tighten Why the silencing of KrebsOnSecurity opens a troubling chapter for the ‘Net | Ars Technica 0 comments

 
Mac Developer: Yahoo confirms at least 500M accounts impacted by 2014 security breach

Yahoo confirms at least 500M accounts impacted by 2014 security breach: "Yahoo on Thursday announced that information associated with at least 500 million accounts was stolen in a security breach of its network in 2014, claiming a "state-sponsored actor" was behind the attack."

And we wanted to inform you "right away";

Labels:

By : Tighten Yahoo confirms at least 500M accounts impacted by 2014 security breach 0 comments

 
9.22.2016
Mac Developer: Apple buys out machine learning firm Tuplejump

Apple buys out machine learning firm Tuplejump: "Apple has bought out Tuplejump, its third machine learning acquisition in the space of a year, a report said on Thursday."

The real loss here is having a (company (named Tuplejump)).

By : Tighten Apple buys out machine learning firm Tuplejump 0 comments

 
Mac Developer: The arms race to protect apps from cracking | Cult of Mac

The arms race to protect apps from cracking | Cult of Mac: "App developers put a lot of time and effort into preventing their apps from being cracked or pirated. But for every coder taking a step toward making an app more secure, there’s someone on the march to crack it. The integrity of any app is subject to an ongoing arms race."

The downward spiral...

Labels:

By : Tighten The arms race to protect apps from cracking | Cult of Mac 0 comments

 
9.21.2016
Mac Developer: Think Your Mobile App is Hack Proof | App Developer Magazine

Think Your Mobile App is Hack Proof | App Developer Magazine: "In the worst cases, a hack exposes a company to serious risks, and the impact for businesses and users can be devastating. Imagine having your mobile health app reprogrammed to instruct you to deliver a lethal dose of medication. Or your mobile finance app draining your bank account by redirecting funds."

A zero-day exploit could ruin your whole valuation.

Labels:

By : Tighten Think Your Mobile App is Hack Proof | App Developer Magazine 0 comments

 
9.20.2016
Mac Developer: Professor proves NAND mirroring attack thwarts iPhone 5c security protocols

Professor proves NAND mirroring attack thwarts iPhone 5c security protocols: "A Cambridge computer scientist used $100 of hardware to clone an iPhone 5c's NAND memory chip in a successful attempt at bypassing the handset's encryption lock, seemingly proving correct theories lobbed in the aftermath of Apple's encryption fight with the FBI.

Troubling for privacy advocates.

Labels: ,

By : Tighten Professor proves NAND mirroring attack thwarts iPhone 5c security protocols 0 comments

 
9.18.2016
Mac Developer: Accused UK hacker to be extradited to the US to face charges | Ars Technica

Accused UK hacker to be extradited to the US to face charges | Ars Technica: "Love, 31, is alleged to have been involved in the #OpLastResort hack in 2013, which targeted the US Army, the US Federal Reserve, the FBI, NASA, and the Missile Defense Agency in retaliation over the suicide, while awaiting trial, of Aaron Swartz."

Reality.

Labels:

By : Tighten Accused UK hacker to be extradited to the US to face charges | Ars Technica 0 comments

 
Mac Developer: Snowden’s bias is blatant—but Gordon-Levitt makes its message powerful | Ars Technica

Snowden’s bias is blatant—but Gordon-Levitt makes its message powerful | Ars Technica: "The first major film event about Edward Snowden did not come this year thanks to Director Oliver Stone. Instead, it came in the form of Citizenfour, the deserving winner of the 2015 Academy Award for Best Documentary."

Movie.

Labels:

By : Tighten Snowden’s bias is blatant—but Gordon-Levitt makes its message powerful | Ars Technica 0 comments

 
9.16.2016
Mac Developer: Publishers must let online readers pay for news anonymously | Technology | The Guardian

Publishers must let online readers pay for news anonymously | Technology | The Guardian: "Online newspapers and magazines have come to depend, for their income, on a system of advertising and surveillance, which is both annoying and unjust.

Readers are rebelling by installing ad blockers, which cut into the publisher’s surveillance-based income. And in response, some sites are cutting off access to readers unless they accept being surveilled. What they ought to do instead is give us a truly anonymous way to pay."

On the mic.

Labels:

By : Tighten Publishers must let online readers pay for news anonymously | Technology | The Guardian 0 comments

 
Mac Developer: Swedish appeals court upholds arrest warrant for Julian Assange • The Register

Swedish appeals court upholds arrest warrant for Julian Assange • The Register: "Assange had sought to appeal the warrant for his arrest, though not the charges, as a means of achieving escape from the Ecuadorian embassy where he has been holed up now for over four years."

Sweden: modern democratic state or vassals of US foreign policy?

Labels:

By : Tighten Swedish appeals court upholds arrest warrant for Julian Assange • The Register 0 comments

 
9.14.2016
Mac Developer: Researcher reports XSS hole in Google France • The Register

Researcher reports XSS hole in Google France • The Register: "Security researchers have disclosed an cross-site scripting vulnerability in Google France."

The browser: ubiquitous and vulnerable always.

Labels:

By : Tighten Researcher reports XSS hole in Google France • The Register 0 comments

 
Mac Developer: Ted Cruz channels Senator McCarthy in wrongheaded internet power grab crusade • The Register

Ted Cruz channels Senator McCarthy in wrongheaded internet power grab crusade • The Register: "With echoes of the notorious hearings run by Senator Joseph McCarthy in the 1950s, Wednesday saw Senator Ted Cruz cajole, misrepresent and then outright threaten witnesses to a hearing he called over the important change to the internet's functioning."

One must wonder how he was elected. Maybe his pals bought him a seat in the Senate.

Labels:

By : Tighten Ted Cruz channels Senator McCarthy in wrongheaded internet power grab crusade • The Register 0 comments

 
9.13.2016
Mac Developer: Thousands of infected FTP servers net attackers $88k in cryptocurrency | Ars Technica

Thousands of infected FTP servers net attackers $88k in cryptocurrency | Ars Technica: "ttackers are draining the CPU and power resources of thousands file transfer protocol servers by infecting them with malware that surreptitiously mints the relatively new crypto currency called Monero, researchers said."

Cyber-mining on the frontier.

Labels:

By : Tighten Thousands of infected FTP servers net attackers $88k in cryptocurrency | Ars Technica 0 comments

 
9.09.2016
Mac Developer: Two critical bugs and more malicious apps make for a bad week for Android | Ars Technica

Two critical bugs and more malicious apps make for a bad week for Android | Ars Technica: "It was a bad week for millions of Android phone users. Two critical vulnerabilities were disclosed but remain unpatched in a large percentage of devices, while, separately, malicious apps were downloaded as many as 2.5 million times from Google's official Play Marketplace."

Dang kiddies, it's harsh out there. Watch your parking meters.

Labels:

By : Tighten Two critical bugs and more malicious apps make for a bad week for Android | Ars Technica 0 comments

 
Mac Developer: Raspberry Pi sells over 10 million computers | Ars Technica

Raspberry Pi sells over 10 million computers | Ars Technica: "Four years since it first went on sale to eager developers, the credit card-sized Raspberry Pi computer has sold an impressive 10 million units."

Essentially, this generation's Apple ][ or C64.

Labels:

By : Tighten Raspberry Pi sells over 10 million computers | Ars Technica 0 comments

 
9.07.2016
Mac Developer: Kaspersky Ireland R&D haus • The Register

Kaspersky Ireland R&D haus • The Register: "With an initial investment of close to $5m, Kaspersky plans to create 50 new Dublin-based roles in the next three years. The new office will focus mainly on developing data analysis and machine learning technologies for the firm’s enterprise product line-up.

The Russian security software firm selected Dublin because of the city’s “growing reputation as a major European tech hub, providing access to a highly skilled IT talent pool and a strong network of innovative technology companies”."

Not just a tax haven, actually a civilized democracy unlike many other EU countries.

Labels:

By : Tighten Kaspersky Ireland R&D haus • The Register 0 comments

 
Mac Developer: Spoof an Ethernet adapter on USB, and you can sniff credentials from locked laptops • The Register

Spoof an Ethernet adapter on USB, and you can sniff credentials from locked laptops • The Register: "Security consultant and blogger Rob Fuller has turned a USB SoC-based device into a credential-sniffer that works even on locked machines."

Security is hard and getting harder all the time.

Labels:

By : Tighten Spoof an Ethernet adapter on USB, and you can sniff credentials from locked laptops • The Register 0 comments

 
9.06.2016
Mac Developer: Genius Bar doesn't hire retired Apple engineer, fires up age discrimination debate

Genius Bar doesn't hire retired Apple engineer, fires up age discrimination debate: "Famously, Facebook Chief Executive Mark Zuckerberg said that "young people are just smarter" at a conference in 2007."

Young people write shitty code and too much of it. There's so much of it out there. Shitty code, that is. University grads produce terrible code. If you don't believe me, go on github and read it. Yawn.

From time to time I do contracting jobs on iOS projects. Almost always, they hire me after 4 engineers have tried to solve the problem and failed.

One thing older engineers typically do not do is sell their soul (read: 90 hour work weeks) to an inexperienced CEO and his VC overlord for stock options that in 3-5 years will be worthless slips of paper.

Labels:

By : Tighten Genius Bar doesn't hire retired Apple engineer, fires up age discrimination debate 0 comments

 
9.03.2016
Mac Developer: Feds pin brazen kernel.org intrusion on 27-year-old programmer | Ars Technica

Feds pin brazen kernel.org intrusion on 27-year-old programmer | Ars Technica: "The indictment refers to kernel.org officials P.A. and J.H., who are presumed to be Linux kernel developer H. Peter Anvin and kernel.org Chief System Administrator John "'Warthog9" Hawley, respectively. It went on to say that Austin used the credentials to install a class of extremely hard-to-detect malware known as a rootkit and a Trojan that logs the credentials of authorized users who use the secure shell protocol to access an infected computer."

If the chief admin of the kernel was 0wned what mere mortal is safe?

Labels:

By : Tighten Feds pin brazen kernel.org intrusion on 27-year-old programmer | Ars Technica 0 comments

 
Mac Developer: New OS X security updates patch same zero-days as iOS 9.3.5 | Ars Technica

New OS X security updates patch same zero-days as iOS 9.3.5 | Ars Technica: "Late last week, Apple released iOS 9.3.5 to patch three zero-day bugs that could be used to access personal data on an infected phone. Dubbed "Trident," the bugs were used to create spyware called Pegasus that was used to target at least one political dissident in the United Arab Emirates."

Paddling as fast as I can to keep from inadvertently becoming a tool of the dystopian Orwellian civilization called Earth.

Labels:

By : Tighten New OS X security updates patch same zero-days as iOS 9.3.5 | Ars Technica 0 comments

 

 

 
 
 

 Tighten    
 Generate    
 Secure    
 Inspect    
 Quarantino    
 QTZ    
 Downloads    
 Support    
 Documentation    
 Tighten App.app    
 Tighten Pro.app    
 PKCS#7Viewer.app    
 Quarzenegger.app    
 About    
 Hire    
 Contact    
 Blogger    
 FaceBook    
 iTunes Direct Link    
 Hollywood CA    
 spctl --assess -vvv    
 spctl --master-enable    
 spctl --master-disable    
 Mac App Store Receipt Validation    
 Apple Code Signing Certificates    
 Gatekeeper Developer ID Apple    
 Xcode codesign tutorial    
 [Site Map]    
 


Copyright © 2005-2020
All Rights Reserved
Tighten Pro