Tighten Pro C/C++/Cocoa tool for codesign security, Developer ID, & Mac App Store Receipt Validation
Tighten Pro - in the Mac App Store
Tighten Pro is now available in the Mac App Store.
Simply click on the icon to the left to purchase directly from Apple.
Or choose PKCS#7Viewer.app by clicking the image to the right.
|
Mac Developer: NSA, GCHQ hacked Kaspersky, other cybersecurity companies – Snowden docs - YouTube
NSA, GCHQ hacked Kaspersky, other cybersecurity companies – Snowden docs - YouTube: "Published on Jun 23, 2015
US and British spy agencies worked to reverse-engineer antivirus software in order to 'exploit such software and to prevent detection of our activities.' Russian security firm Kaspersky Lab was particularly targeted."
Saw this on RT. Nothing in the Western press about it, which I think is very interesting.
Labels: security flaw, security policy
|
|
|
Mac Developer: Some T-Mobile iPhone users suffering from random restarts, 'blue screen of death' | iMore
Some T-Mobile iPhone users suffering from random restarts, 'blue screen of death' | iMore: "If you're encountering random reboots on your T-Mobile iPhone, you're not the only one. Several users on social media are reporting that iPhones on the Uncarrier are flashing blue for a second, and randomly rebooting every 20 to 30 minutes."
Is this why there are no more Mac vs. PC ads? Let us use the billions to crush PCs once and for all! Mac! Mac! Mac!
Labels: windows vs. ios vs android
|
|
|
Mac Developer: XARA, deconstructed: An in-depth look at OS X and iOS cross-app resource attacks | iMore
XARA, deconstructed: An in-depth look at OS X and iOS cross-app resource attacks | iMore: "This week, security researchers from Indiana University released details of four security vulnerabilities they discovered in Mac OS X and iOS. The researchers detailed their discoveries of what they call 'cross-app resource attacks' (referred to as XARA) in a whitepaper released Wednesday. Unfortunately, there has been a lot of confusion surrounding their research."
A little more about XARA which I think is quite serious on OSX.
Labels: security flaw
|
|
|
Mac Developer: Popcorn Time for iOS passes 1 million downloads on non-jailbroken devices | VentureBeat | Media | by Emil Protalinski
Popcorn Time for iOS passes 1 million downloads on non-jailbroken devices | VentureBeat | Media | by Emil Protalinski: "Because sideloading apps onto iOS was not achievable without jailbreaking your device, until now, the Popcorn Time group is ecstatic at having reached this milestone. It shows that iOS users are not just very interested in a Popcorn Time app for iOS, but they are eager to try an alternative to jailbreaking in order to get apps that Apple doesn’t approve of."
Don't fret. This is probably a good thing at this point in the evolution of the OS.
Labels: security policy
|
|
|
Mac Developer: Developer hacks Apple Watch to run native UIKit apps on watchOS 1.0 | 9to5Mac
Developer hacks Apple Watch to run native UIKit apps on watchOS 1.0 | 9to5Mac: "Well-known developer Steve Troughton-Smith, who previously was able to get real UIKit-backed apps running on Apple Watch with watchOS 2.0, now says that he has gotten native UIKit apps running on watchOS 1.0. Smith shared a video showing off the feat, which can be seen via the embed below."
O Daeng!
Labels: security
|
|
|
Mac Developer: The US Navy wants to buy unpatched security flaws
The US Navy wants to buy unpatched security flaws: "It won't surprise you to hear that governments are eager to buy unpatched security exploits for the sake of cyberdefense or surveillance, but they're rarely overt about it. No one must have told that to the US Navy until this week, however. The Electronic Frontier Foundation caught the military branch soliciting for both zero-day exploits and recently discovered vulnerabilities (less than six months old) for relatively common software from the likes of Apple, Google and Microsoft."
I don't feel like I'm the target. Do you?
Labels: security policy
|
|
|
Mac Developer: Report: Hack of government employee records discovered by product demo | Ars Technica
Report: Hack of government employee records discovered by product demo | Ars Technica: "Those statements may not be entirely accurate. According to a Wall Street Journal report, the breach was indeed discovered in April. But according to sources who spoke to the WSJ's Damian Paletta and Siobhan Hughes, it was in fact discovered during a sales demonstration of a network forensics software package called CyFIR by its developer, CyTech Services."
Will the truth be known? Labels: security
|
|
|
Mac Developer: Apple combines iOS and Mac developer programs into single Apple Developer Program | 9to5Mac
Apple combines iOS and Mac developer programs into single Apple Developer Program | 9to5Mac: "Apple has ended its separate iOS and Mac developer programs that required software makers to buy two different memberships in order to publish across the company’s various platforms and replaecd them with a single combined Apple Developer Program."
Even when they were separate the membership was still cheaper than buying a codesign certificate for WinXP development from a 3rd party service provider. Or call me wrong.
https://www.sslshopper.com/microsoft-authenticode-certificates.html
The range is $200 to $500 with no assurances as to the security of the root CA. With Apple's root protecting billions in IP, I feel pretty confident the trust chain is banzai!
Labels: codesign
|
|
|
Mac Developer: Edward Snowden hails Apple as 'pioneering' for iOS 8 security measures
Edward Snowden hails Apple as 'pioneering' for iOS 8 security measures: "'Basic technical safeguards such as encryption — once considered esoteric and unnecessary — are now enabled by default in the products of pioneering companies like Apple, ensuring that even if your phone is stolen, your private life remains private,' Snowden said."
Snowden gives thumbs up to iOS security.
Labels: android vs. ios, security policy
|
|
|
Mac Developer: New exploit leaves most Macs vulnerable to permanent backdooring | Ars Technica
New exploit leaves most Macs vulnerable to permanent backdooring | Ars Technica: "The attack, according to a blog post published Friday by well-known OS X security researcher Pedro Vilaca, affects Macs shipped prior to the middle of 2014 that are allowed to go into sleep mode. He found a way to reflash a Mac's BIOS using functionality contained in userland, which is the part of an operating system where installed applications and drivers are executed. By exploiting vulnerabilities such as those regularly found in Safari and other Web browsers, attackers can install malicious firmware that survives hard drive reformatting and reinstallation of the operating system."
Kind of disheartening, really.
Labels: security flaw
|
|
|
| |
|