Links...
 
Tighten Pro
C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation

Tighten Pro - in the Mac App Store

Tighten Pro is now available in the Mac App Store. Simply click on the icon to the left to purchase directly from Apple. Or choose PKCS#7Viewer.app by clicking the image to the right.

3.31.2015
Mac Developer: China reportedly defers banking technology regulations, relieves pressure on foreign firms

China reportedly defers banking technology regulations, relieves pressure on foreign firms: "Citing an unnamed U.S. official, Reuters reports U.S. Treasury Secretary Jack Lew met with Chinese officials, including Premier Li Keqiang, in Beijing presumably to discuss concerns over security measures designed to protect state-backed banking institutions from outside threats.
Code security doesn't go any higher than this.

Labels: , ,

By : Tighten China reportedly defers banking technology regulations, relieves pressure on foreign firms 0 comments

 
3.25.2015
Mac Developer: Woz says Apple would never hire him or Steve Jobs today | Cult of Mac

Woz says Apple would never hire him or Steve Jobs today | Cult of Mac: "Steve Wozniak thinks he and co-founder Steve Jobs could never have found employment at the company they created together, had they been in their twenties in 2015.

‘I look at the experience and education levels you need to get a job at Apple today and I think, ‘Well, Steve Jobs and I never could’ve gotten a job at Apple today,'’ Woz told The Australian Financial Review in an interview."
But they wouldn't need to because they could download Xcode and spend $100 to enroll in an Apple developer program and start their own company that way. It's the eco-system, silly.

Labels:

By : Tighten Woz says Apple would never hire him or Steve Jobs today | Cult of Mac 0 comments

 
Mac Developer: Google warns of fake digital certificates issued for its domains and potentially others (Updated) | VentureBeat | Security | by Dylan Tweney

Google warns of fake digital certificates issued for its domains and potentially others (Updated) | VentureBeat | Security | by Dylan Tweney: "Google revealed today that it has discovered several fake digital certificates for some of its domains.

That’s bad, because any browser accessing these domains via transport layer security (TLS; the latest security protocol, and a successor to SSL) counts on a certificate in order to be sure that it’s connecting with the real McCoy, not some imposter."
Everything is going to be stress tested in ways that can't even imagine.

Labels: ,

By : Tighten Google warns of fake digital certificates issued for its domains and potentially others (Updated) | VentureBeat | Security | by Dylan Tweney 0 comments

 
3.24.2015
Mac Developer: Apple's Safari among browsers taken down at Pwn2Own day 2

Apple's Safari among browsers taken down at Pwn2Own day 2: "South Korean security researcher Jung Hoon Lee toppled Safari with a use-after-free vulnerability, according to Threatpost. Lee was then able to bypass Safari's sandbox thanks to an uninitialized stack pointer, with the combined exploits netting him some $50,000 in prize money."
It's unfortunate, but the lazy code of browser-writers penalize everyone else who must spend months reworking application software to work within the confines of increasingly restrictive security sandboxes.

It's the browser. And apps that thinly wrap the browser (read: Facebook).

Labels: ,

By : Tighten Apple's Safari among browsers taken down at Pwn2Own day 2 0 comments

 
3.20.2015
Mac Developer: Apple reportedly cracks down on antivirus apps from iOS App Store, many apps pulled | 9to5Mac

Apple reportedly cracks down on antivirus apps from iOS App Store, many apps pulled | 9to5Mac: "One casualty of the removal is Intego’s VirusBarrier, which claims that this takedown was not specific to its product with Apple deciding the entire category of antivirus products is now off-limits."
I like the fact that Apple is fairly lax about editorializing App Store content, but it would be good if the app store became organized around search because otherwise in the long term, Google will be used to find apps in the store.

Labels: ,

By : Tighten Apple reportedly cracks down on antivirus apps from iOS App Store, many apps pulled | 9to5Mac 0 comments

 
3.19.2015
Mac Developer: Hundreds of iOS apps vulnerable to HTTPS-based FREAK attack

Hundreds of iOS apps vulnerable to HTTPS-based FREAK attack
Security researchers at FireEye recently went through thousands of iOS and Android apps and found that while a bulk are not vulnerable to the "FREAK" (Factoring RSA Export Keys) attack, a significant number are, reports Ars Technica.


Internal app security is the next frontier of security.

Labels: ,

By : Tighten Hundreds of iOS apps vulnerable to HTTPS-based FREAK attack 0 comments

 
3.17.2015
Mac Developer: Who's afraid of the Apple Watch?

Who's afraid of the Apple Watch?: "When experts at Bluebox Security examined a series of holiday-promoted Android products being sold in the U.S. at major retailers including Target and Walmart, it found that virtually every one of them was contaminated by malware or wide open vulnerabilities, in some cases with apparent malice involved, in the same fashion as Lenovo's intentional, ROI-motivated installation of Superfish advertising malware on its Windows notebooks."
It's not always good to lead in a category.

Labels:

By : Tighten Who's afraid of the Apple Watch? 0 comments

 
3.10.2015
Mac Developer: CIA has waged 'secret campaign' to crack Apple's iOS security - report

CIA has waged 'secret campaign' to crack Apple's iOS security - report: "Classified documents released by whistleblower Edward Snowden reveal that the Central Intelligence Agency has been engaged in a multi-year coordinated effort to crack the security of Apple's iOS platform, which powers and protects the iPhone and iPad."
If they were smart, they'd join forces with the NSA. Love that compartmentalization!

Labels:

By : Tighten CIA has waged 'secret campaign' to crack Apple's iOS security - report 0 comments

 
3.07.2015
Mac Developer: Security firm finds preinstalled malware on Xiaomi Mi 4 smartphone | VentureBeat | Security | by Ruth Reader

Security firm finds preinstalled malware on Xiaomi Mi 4 smartphone | VentureBeat | Security | by Ruth Reader: "Data security firm Bluebox has discovered preinstalled malware and a host of other issues with a Xiaomi Mi 4 device the company tested. Scarier still, the phone seems to have been tampered with by an unidentified third party."
Brave new world.

Labels: ,

By : Tighten Security firm finds preinstalled malware on Xiaomi Mi 4 smartphone | VentureBeat | Security | by Ruth Reader 0 comments

 
3.03.2015
Mac Developer: Researchers Find New 'FREAK' Security Flaw, Apple Says Fix Coming Soon - Mac Rumors

Researchers Find New 'FREAK' Security Flaw, Apple Says Fix Coming Soon - Mac Rumors: "Researchers have recently uncovered a major security flaw in software created by companies like Google and Apple, leaving many devices vulnerable to hacking attempts, reports The Washington Post. Called 'FREAK' (Factoring Attack on RSA-EXPORT Keys), the vulnerability stems from a U.S. government policy that once prevented companies from exporting strong encryption, requiring them to instead create weak 'export-grade' products to ship to customers outside of the United States. "
US policy, the gift that keeps on giving!

Labels: ,

By : Tighten Researchers Find New 'FREAK' Security Flaw, Apple Says Fix Coming Soon - Mac Rumors 0 comments

 
3.02.2015
Mac Developer: Cook teases ‘ton’ of Apple Watch announcements, including Panera Bread, Salesforce enterprise & fitness apps | 9to5Mac

Cook teases ‘ton’ of Apple Watch announcements, including Panera Bread, Salesforce enterprise & fitness apps | 9to5Mac: "In addition to discussing the international Apple Watch launch and accessibility efforts at a briefing in Germany, Apple CEO Tim Cook teased ‘a whole ton of announcements coming shortly about all of the apps coming’ for the Apple Watch, according to employees in attendance. Cook first highlighted the use of the Apple Watch in hotels by saying that ‘some of the best hotels in the world’ will allow Apple Watch users to use the wearable to unlock room doors."
Sounds like a good thing. Although I would worry that an unconscious person's finger can be used to unlock their iPhone TouchID. By unconscious, I mean sleeping.

Labels: ,

By : Tighten Cook teases ‘ton’ of Apple Watch announcements, including Panera Bread, Salesforce enterprise & fitness apps | 9to5Mac 0 comments

 

 

 
 
 

 Tighten    
 Generate    
 Secure    
 Inspect    
 Quarantino    
 QTZ    
 Downloads    
 Support    
 Documentation    
 Tighten App.app    
 Tighten Pro.app    
 PKCS#7Viewer.app    
 Quarzenegger.app    
 About    
 Hire    
 Contact    
 Blogger    
 FaceBook    
 iTunes Direct Link    
 Hollywood CA    
 spctl --assess -vvv    
 spctl --master-enable    
 spctl --master-disable    
 Mac App Store Receipt Validation    
 Apple Code Signing Certificates    
 Gatekeeper Developer ID Apple    
 Xcode codesign tutorial    
 [Site Map]    
 


Copyright © 2005-2020
All Rights Reserved
Tighten Pro