Links...
 
Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

10.31.2016
Mac Developer: New leak may show if you were hacked by the NSA | Ars Technica

New leak may show if you were hacked by the NSA | Ars Technica: "Shadow Brokers—the name used by a person or group that created seismic waves in August when it published some of the National Security Agency's most elite hacking tools—is back with a new leak that the group says reveals hundreds of organizations targeted by the NSA over more than a decade."

Tax dollars hard at work.

Labels:

By : Tighten New leak may show if you were hacked by the NSA | Ars Technica 0 comments

 
10.30.2016
Mac Developer: Lad cuffed after iOS call exploit knocks out Arizona 911 center • The Register

Lad cuffed after iOS call exploit knocks out Arizona 911 center • The Register: "The flood of calls from smartphones and tablets was eventually traced to Desai's personal site hosted in San Francisco, California; the cops managed to get the plug pulled on the site. The teen was arrested, taken to jail, and booked on three charges of computer tampering. A search warrant was also carried out at his home."

If only cybercrime laws were uniformly applied to Hilary Clinton.

Labels:

By : Tighten Lad cuffed after iOS call exploit knocks out Arizona 911 center • The Register 0 comments

 
10.29.2016
Mac Developer: Search engine results increasingly poisoned with malicious links • The Register

Search engine results increasingly poisoned with malicious links • The RegisterThe number of infected results has been increasing year by year since 2013 despite the application of multiple tools and technologies designed to exclude dodgy links, according to a study by independent anti-virus testing outfit AV-TEST.org.
Wowsers!

Labels: , ,

By : Tighten Search engine results increasingly poisoned with malicious links • The Register 0 comments

 
Mac Developer: How security flaws work: SQL injection | Ars Technica

How security flaws work: SQL injection | Ars TechnicaThe earliest description of these attacks probably came in 1998, when security researcher Jeff Forristal, writing under the name "rain.forest.puppy," wrote about various features of Microsoft's IIS 3 and 4 Web servers in the hacker publication Phrack.
Terrific article about an important subject.

Labels: , ,

By : Tighten How security flaws work: SQL injection | Ars Technica 0 comments

 
Mac Developer: AMD reveals Radeon Pro 400 series GPU specs, as used in new MacBook Pro | Ars Technica

AMD reveals Radeon Pro 400 series GPU specs, as used in new MacBook Pro | Ars TechnicaAMD has released a smattering of specs for the Radeon Pro 400 series on its Creators with Radeon Pro website, which show the Radeon Pro 450 used in the MacBook Pro to have a peak FP32 performance of around one teraflop. That's under half the 2.2 teraflops of the desktop-based RX 460 and miles behind the performance of Nvidia's Pascal-based laptop GPUs.
I liked the two GPU design that switched between the low-power Intel integrated graphics and the NVidia GPU as necessary.

Labels:

By : Tighten AMD reveals Radeon Pro 400 series GPU specs, as used in new MacBook Pro | Ars Technica 0 comments

 
10.27.2016
Mac Developer: How Google's Project Zero made Apple refactor its kernel • The Register

How Google's Project Zero made Apple refactor its kernel • The Register: "It took eight months, apparently, because of a basic architectural feature of the kernel: calling target functions directly instead of via the MIG IPC (Mach interface generator inter process communication) layer is fast, but “there’s no central point where access to a resource can be cut off”."

That pesky monolithic kernel is longing for the microkernel promised land. QNX forever!

Labels:

By : Tighten How Google's Project Zero made Apple refactor its kernel • The Register 0 comments

 
Mac Developer: “He’s not Edward Snowden,” lawyers for accused NSA contractor tell judge | Ars Technica

“He’s not Edward Snowden,” lawyers for accused NSA contractor tell judge | Ars Technica: "Defense attorneys representing Harold Martin, the former National Security Agency contractor accused of stealing a vast quantity of classified materials, have asked a more senior judge to review the decision that kept their client in federal custody."

Yet ultimately, the data was safer with him than it would've been with Hilary or anyone else connected with the DNC.

Labels:

By : Tighten “He’s not Edward Snowden,” lawyers for accused NSA contractor tell judge | Ars Technica 0 comments

 
10.23.2016
Mac Developer: Every LTE call, text, can be intercepted, blacked out, hacker finds • The Register

Every LTE call, text, can be intercepted, blacked out, hacker finds • The Register: "Ruxcon Hacker Wanqiao Zhang of Chinese hacking house Qihoo 360 has blown holes in 4G LTE networks by detailing how to intercept and make calls, send text messages and even force phones offline."

Best part of this story: she doesn't look anything like Kimdotcom.

Labels: , ,

By : Tighten Every LTE call, text, can be intercepted, blacked out, hacker finds • The Register 0 comments

 
Mac Developer: Como–D'oh! Infosec duo exploits OCR flaw to nab a website's HTTPS cert • The Register

Como–D'oh! Infosec duo exploits OCR flaw to nab a website's HTTPS cert • The Register: "Two European security researchers exploited Comodo's crappy backend systems to obtain a HTTPS certificate for a domain they do not own."

Security is hard and it's getting harder.

Labels: , ,

By : Tighten Como–D'oh! Infosec duo exploits OCR flaw to nab a website's HTTPS cert • The Register 0 comments

 
10.22.2016
Mac Developer: Double-dip Internet-of-Things botnet attack felt across the Internet | Ars Technica

Double-dip Internet-of-Things botnet attack felt across the Internet | Ars Technica: "The distributed denial of service attacks against dynamic domain name service provider Dyn this morning have now resurged. The attacks have caused outages at services across the Internet.

But this second wave of attacks appears to be affecting even more providers. According to Dale Drew, the chief security officer at Level 3 Communications, the attack is at least in part being mounted from a "botnet" of Internet-of-Things (IoT) devices."

More as the story develops...

Labels:

By : Tighten Double-dip Internet-of-Things botnet attack felt across the Internet | Ars Technica 0 comments

 
Mac Developer: Acronis: Yep, we're using blockchain for backup now • The Register

Acronis: Yep, we're using blockchain for backup now • The Register: "Acronis was reported as checking out Blockchain technology in May. It says Notary generates a time-stamped hash, or fingerprint, of protected data and stores it in digital currency house Ethereum, a public blockchain-based distributed computing platform. By comparing two fingerprints of the same data, Acronis Storage is able to verify immutability, authenticity, and integrity of stored data. Regrettably Ethereum suffered a hack in June, illustrating it's not that secure."

Amazeballs! Amazeblocks!

Labels:

By : Tighten Acronis: Yep, we're using blockchain for backup now • The Register 0 comments

 
Mac Developer: US internet users suffering under DDoS attacks on key DNS provider

US internet users suffering under DDoS attacks on key DNS provider: "Starting early Friday, assailants started a massive distributed denial of service (DDoS) attack on DNS provider Dyn's servers. Major sites like The Verge, HBO Now, CNN, Imgur, Paypal, and Reddit are all affected to some extent."

The failed behavior of JavaScript-based websites is a little bizarre to say the least.

Labels:

By : Tighten US internet users suffering under DDoS attacks on key DNS provider 0 comments

 
Mac Developer: Z1 (computer) - Wikipedia

Z1 (computer) - Wikipedia: "The Z1 was the first freely programmable computer in the world which used Boolean logic and binary floating point numbers"

Invented in Germany - well before the Americans and British.

Labels: ,

By : Tighten Z1 (computer) - Wikipedia 0 comments

 
10.20.2016
Mac Developer: “Most serious” Linux privilege-escalation bug ever is under active exploit (updated) | Ars Technica

“Most serious” Linux privilege-escalation bug ever is under active exploit (updated) | Ars Technica: "The vulnerability, a variety known as a race condition, was found in the way Linux memory handles a duplication technique called copy on write. Untrusted users can exploit it to gain highly privileged write-access rights to memory mappings that would normally be read-only"

Despite the collaborative nature of the kernel source base, the vulnerability is ubiquitous.

Labels:

By : Tighten “Most serious” Linux privilege-escalation bug ever is under active exploit (updated) | Ars Technica 0 comments

 
Mac Developer: Microsoft Surface sales boom amid tepid iPad demand

Microsoft Surface sales boom amid tepid iPad demand: "According to Microsoft's official numbers, Surface revenue came in at $926 million, up 38 percent compared to the same time last year. The surge for the quarter ending in September was largely due to a positive mix of premium devices sold, specifically top-tier Surface Book and Surface Pro 4 models."

Corporate IT developers like Windows because custom apps don't break on every new release of the OS. At least that's one idea.

Labels:

By : Tighten Microsoft Surface sales boom amid tepid iPad demand 0 comments

 
10.19.2016
Mac Developer: 2016 MacBook Pros with Intel Skylake | AppleInsider

2016 MacBook Pros with Intel Skylake | AppleInsider: "At this point, all signs are pointing to the inclusion of a MacBook Pro OLED touch-sensitive function bar replacing the traditional function keys. Both “Touch Bar” and “Control Strip” were seen in recent international trademark fillings given to AppleInsider."

The number one rule in real estate is: location, location, location.

Labels:

By : Tighten 2016 MacBook Pros with Intel Skylake | AppleInsider 0 comments

 
10.16.2016
Mac Developer: House wants “briefing as soon as possible” to grok how Yahoo spied | Ars Technica

House wants “briefing as soon as possible” to grok how Yahoo spied | Ars Technica: "Rep. Ted Lieu, a Democrat who represents a portion of Los Angeles County, told Ars that this type of forced government request was "flat out unconstitutional." "

Things that go hmmmm in the night.

Labels:

By : Tighten House wants “briefing as soon as possible” to grok how Yahoo spied | Ars Technica 0 comments

 
10.11.2016
Mac Developer: Twitter yanks data feeding tube out of police surveillance biz • The Register

Twitter yanks data feeding tube out of police surveillance biz • The Register: "Twitter has suspended its commercial relationship with a company called Geofeedia – which provides social media data to law enforcement agencies so that they can identify potential miscreants.

The social media company announced the change through its Policy account on Tuesday morning following the publication of a report by the American Civil Liberties Union (ACLU) of California."

What's not to love about this company? Great brand, great product.

Labels:

By : Tighten Twitter yanks data feeding tube out of police surveillance biz • The Register 0 comments

 
10.09.2016
Mac Developer: US government: Russia behind hacking campaign to disrupt US elections | Ars Technica

US government: Russia behind hacking campaign to disrupt US elections | Ars Technica: "The Office of the Director of National Intelligence and the Department of Homeland Security today jointly charged that the Russian government was responsible for directing a series of intrusions into the networks of US political organizations and state election boards."

Yawn. Trying to restart the cold war. The cold war is dead! Long live the war!

Labels:

By : Tighten US government: Russia behind hacking campaign to disrupt US elections | Ars Technica 0 comments

 
10.08.2016
Mac Developer: Devs! Here's how to secure your IoT network, in, uh, 75 easy pages • The Register

Devs! Here's how to secure your IoT network, in, uh, 75 easy pages • The Register: "An in-depth security guidance report aimed at Internet of Things developers has been released by the Cloud Security Alliance."

Seems like Skynet is shaping up to be based on the IOT network of insecure Linux appliances.

Labels:

By : Tighten Devs! Here's how to secure your IoT network, in, uh, 75 easy pages • The Register 0 comments

 
10.06.2016
Mac Developer: Ex-NSA staffer reveals Mac malware that can hack your camera and mic

Ex-NSA staffer reveals Mac malware that can hack your camera and mic: "Apple built a green LED light into every Mac with firmware-level protection that turns on anytime the sensor is tripped by unauthorized access. The security feature has become increasingly difficult for hackers to beat, but former NSA staffer Patrick Wardle found a way to piggyback on outgoing feeds and record them.

Mind the gap.

Labels:

By : Tighten Ex-NSA staffer reveals Mac malware that can hack your camera and mic 0 comments

 
Mac Developer: Yahoo email surveillance linked to court order, Apple denies any similar requests

Yahoo email surveillance linked to court order, Apple denies any similar requests: "Yahoo's tool to scan the contents of customer emails came as a result of a U.S. Foreign Intelligence Surveillance Court order last year, and was created by adapting otherwise benign software, a report indicated on Thursday."

We've got your back, er... backdoor.

Labels:

By : Tighten Yahoo email surveillance linked to court order, Apple denies any similar requests 0 comments

 
10.03.2016
Mac Developer: Apple to automatically cram macOS Sierra into Macs – 'cos that worked well for Windows 10 • The Register

Apple to automatically cram macOS Sierra into Macs – 'cos that worked well for Windows 10 • The Register: "This feature is usually switched on to receive security fixes and feature updates as soon as possible. Now it'll cause the Sierra upgrade to automatically download onto Macs running OS X El Capitan. Users can install the package by giving the go-ahead in a dialog box."

One of the many reasons I'm not running El Capitan.

Labels:

By : Tighten Apple to automatically cram macOS Sierra into Macs – 'cos that worked well for Windows 10 • The Register 0 comments

 
Mac Developer: Suspect 27" iMac model with Intel Kaby Lake pops up at Best Buy

Suspect 27" iMac model with Intel Kaby Lake pops up at Best Buy: "At some point on Sunday night, the line item for a new iMac appeared. Carrying a model number of K0SC0LL/A, the Best Buy web page claims it has a seventh generation Intel Core i7 processor, a 27-inch display, 32GB memory, a 2TB fusion drive, and the AMD Radeon R9 M380 graphics chipset with 2GB of video RAM."

Total mystery!

Labels:

By : Tighten Suspect 27" iMac model with Intel Kaby Lake pops up at Best Buy 0 comments

 
10.01.2016
Mac Developer: More than 400 malicious apps infiltrate Google Play | Ars Technica

More than 400 malicious apps infiltrate Google Play | Ars Technica: "Google Play was recently found to be hosting more than 400 apps that turned infected phones into listening posts that could siphon sensitive data out of the protected networks they connected to, security researchers said Thursday."

When freedom is unchecked.

Labels: , ,

By : Tighten More than 400 malicious apps infiltrate Google Play | Ars Technica 0 comments

 
Mac Developer: Crypto guru Matt Green asks courts for DMCA force field so he can safely write a textbook • The Register

Crypto guru Matt Green asks courts for DMCA force field so he can safely write a textbook • The Register: "Assistant Professor Matthew Green has asked US courts for protection so that he can write a textbook explaining cryptography without getting sued under the Digital Millennium Copyright Act."

Brave new world?

Labels: , ,

By : Tighten Crypto guru Matt Green asks courts for DMCA force field so he can safely write a textbook • The Register 0 comments

 

 

 
 
 

 Tighten    
 Generate    
 Secure    
 Inspect    
 Quarantino    
 QTZ    
 Downloads    
 Support    
 Documentation    
 Tighten App.app    
 Tighten Pro.app    
 PKCS#7Viewer.app    
 Quarzenegger.app    
 About    
 Hire    
 Contact    
 Blogger    
 FaceBook    
 iTunes Direct Link    
 Hollywood CA    
 spctl --assess -vvv    
 spctl --master-enable    
 spctl --master-disable    
 Mac App Store Receipt Validation    
 Apple Code Signing Certificates    
 Gatekeeper Developer ID Apple    
 Xcode codesign tutorial    
 [Site Map]    
 


Copyright © 2005-2020
All Rights Reserved
Tighten Pro